{"id":"CVE-2024-26660","summary":"drm/amd/display: Implement bounds check for stream encoder creation in DCN301","details":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Implement bounds check for stream encoder creation in DCN301\n\n'stream_enc_regs' array is an array of dcn10_stream_enc_registers\nstructures. The array is initialized with four elements, corresponding\nto the four calls to stream_enc_regs() in the array initializer. This\nmeans that valid indices for this array are 0, 1, 2, and 3.\n\nThe error message 'stream_enc_regs' 4 \u003c= 5 below, is indicating that\nthere is an attempt to access this array with an index of 5, which is\nout of bounds. This could lead to undefined behavior\n\nHere, eng_id is used as an index to access the stream_enc_regs array. If\neng_id is 5, this would result in an out-of-bounds access on the\nstream_enc_regs array.\n\nThus fixing Buffer overflow error in dcn301_stream_encoder_create\nreported by Smatch:\ndrivers/gpu/drm/amd/amdgpu/../display/dc/resource/dcn301/dcn301_resource.c:1011 dcn301_stream_encoder_create() error: buffer overflow 'stream_enc_regs' 4 \u003c= 5","modified":"2026-04-02T10:05:19.543424Z","published":"2024-04-02T06:22:10.263Z","related":["SUSE-SU-2024:1490-1","SUSE-SU-2024:1659-1","SUSE-SU-2024:1663-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/26xxx/CVE-2024-26660.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/42442f74314d41ddc68227047036fa3e78940054"},{"type":"WEB","url":"https://git.kernel.org/stable/c/58fca355ad37dcb5f785d9095db5f748b79c5dc2"},{"type":"WEB","url":"https://git.kernel.org/stable/c/a938eab9586eea31cfd129a507f552efae14d738"},{"type":"WEB","url":"https://git.kernel.org/stable/c/cd9bd10c59e3c1446680514fd3097c5b00d3712d"},{"type":"WEB","url":"https://git.kernel.org/stable/c/efdd665ce1a1634b8c1dad5e7f6baaef3e131d0a"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/26xxx/CVE-2024-26660.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-26660"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"3a83e4e64bb1522ddac67ffc787d1c38291e1a65"},{"fixed":"42442f74314d41ddc68227047036fa3e78940054"},{"fixed":"efdd665ce1a1634b8c1dad5e7f6baaef3e131d0a"},{"fixed":"cd9bd10c59e3c1446680514fd3097c5b00d3712d"},{"fixed":"a938eab9586eea31cfd129a507f552efae14d738"},{"fixed":"58fca355ad37dcb5f785d9095db5f748b79c5dc2"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-26660.json"}}],"schema_version":"1.7.5"}