Vulnerabilities > CVE-2024-42228 - Use of Uninitialized Resource vulnerability in Linux Kernel
Attack vector
LOCAL Attack complexity
HIGH Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc Initialize the size before calling amdgpu_vce_cs_reloc, such as case 0x03000001. V2: To really improve the handling we would actually need to have a separate value of 0xffffffff.(Christian)
Vulnerable Configurations
Common Weakness Enumeration (CWE)
References
- https://git.kernel.org/stable/c/3b505759447637dcccb50cbd98ec6f8d2a04fc46
- https://git.kernel.org/stable/c/855ae72c20310e5402b2317fc537d911e87537ef
- https://git.kernel.org/stable/c/855ae72c20310e5402b2317fc537d911e87537ef
- https://git.kernel.org/stable/c/88a9a467c548d0b3c7761b4fd54a68e70f9c0944
- https://git.kernel.org/stable/c/88a9a467c548d0b3c7761b4fd54a68e70f9c0944
- https://git.kernel.org/stable/c/9ee1534ecdd5b4c013064663502d7fde824d2144
- https://git.kernel.org/stable/c/d35cf41c8eb5d9fe95b21ae6ee2910f9ba4878e8
- https://git.kernel.org/stable/c/da6a85d197888067e8d38b5d22c986b5b5cab712
- https://git.kernel.org/stable/c/df02642c21c984303fe34c3f7d72965792fb1a15
- https://git.kernel.org/stable/c/f8f120b3de48b8b6bdf8988a9b334c2d61c17440
- https://git.kernel.org/stable/c/f8f120b3de48b8b6bdf8988a9b334c2d61c17440