{"id":"CVE-2024-49970","summary":"drm/amd/display: Implement bounds check for stream encoder creation in DCN401","details":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Implement bounds check for stream encoder creation in DCN401\n\n'stream_enc_regs' array is an array of dcn10_stream_enc_registers\nstructures. The array is initialized with four elements, corresponding\nto the four calls to stream_enc_regs() in the array initializer. This\nmeans that valid indices for this array are 0, 1, 2, and 3.\n\nThe error message 'stream_enc_regs' 4 \u003c= 5 below, is indicating that\nthere is an attempt to access this array with an index of 5, which is\nout of bounds. This could lead to undefined behavior\n\nHere, eng_id is used as an index to access the stream_enc_regs array. If\neng_id is 5, this would result in an out-of-bounds access on the\nstream_enc_regs array.\n\nThus fixing Buffer overflow error in dcn401_stream_encoder_create\n\nFound by smatch:\ndrivers/gpu/drm/amd/amdgpu/../display/dc/resource/dcn401/dcn401_resource.c:1209 dcn401_stream_encoder_create() error: buffer overflow 'stream_enc_regs' 4 \u003c= 5","modified":"2026-04-02T12:21:10.710250Z","published":"2024-10-21T18:02:19.694Z","related":["USN-7276-1","USN-7277-1","openSUSE-SU-2024:14500-1","openSUSE-SU-2025:14705-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/49xxx/CVE-2024-49970.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/b219b46ad42df1dea9258788bcfea37181f3ccb2"},{"type":"WEB","url":"https://git.kernel.org/stable/c/bdf606810210e8e07a0cdf1af3c467291363b295"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/49xxx/CVE-2024-49970.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-49970"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c"},{"fixed":"b219b46ad42df1dea9258788bcfea37181f3ccb2"},{"fixed":"bdf606810210e8e07a0cdf1af3c467291363b295"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-49970.json"}}],"schema_version":"1.7.5"}