漏洞标题
drm/amd/display: 避免HDCP过读和损坏
漏洞描述信息
在Linux内核中,已修复以下漏洞:
drm/amd/display: 避免HDCP越读和损坏
代码原本打算读取实际目标字段中的5个字节,但实际上读取了8个字节。如果尾随的3个字节非零,这会导致值损坏,因此应使用适当大小并初始化为零的缓冲区,并在将数据转换为u64之前只读取5个字节。
CVSS信息
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
漏洞类别
跨界内存读
漏洞标题
drm/amd/display: Avoid HDCP over-read and corruption
漏洞描述信息
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Avoid HDCP over-read and corruption
Instead of reading the desired 5 bytes of the actual target field,
the code was reading 8. This could result in a corrupted value if the
trailing 3 bytes were non-zero, so instead use an appropriately sized
and zero-initialized bounce buffer, and read only 5 bytes before casting
to u64.
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
Linux kernel 安全漏洞
漏洞描述信息
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于HDCP 过度读取和损坏。
CVSS信息
N/A
漏洞类别
其他