SB2024060824 - Buffer overflow in Linux kernel drm radeon driver

Description

This security bulletin contains information about 1 security vulnerability.

1) Buffer overflow (CVE-ID: CVE-2023-52867)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the drivers/gpu/drm/radeon/evergreen.c. A local user can escalate privileges on the system.

Remediation

Install update from vendor's website.

References

• https://git.kernel.org/stable/c/112d4b02d94bf9fa4f1d3376587878400dd74783
• https://git.kernel.org/stable/c/caaa74541459c4c9e2c10046cf66ad2890483d0f
• https://git.kernel.org/stable/c/ddc42881f170f1f518496f5a70447501335fc783
• https://git.kernel.org/stable/c/7b063c93bece827fde237fae1c101bceeee4e896
• https://git.kernel.org/stable/c/347f025a02b3a5d715a0b471fc3b1439c338ad94
• https://git.kernel.org/stable/c/341e79f8aec6af6b0061b8171d77b085835c6a58
• https://git.kernel.org/stable/c/d9b4fa249deaae1145d6fc2b64dae718e5c7a855
• https://git.kernel.org/stable/c/19534a7a225f1bf2da70a9a90d41d0215f8f6b45
• https://git.kernel.org/stable/c/dd05484f99d16715a88eedfca363828ef9a4c2d4
• https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.330
• https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.299
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.201
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.139
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.261
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.63
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.5.12
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.2
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.7