Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

CVE-2021-42327

Related Vulnerabilities: CVE-2021-42327  

dp_link_settings_write in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c in the Linux kernel through 5.14.14 allows a heap-based buffer overflow by an attacker who can write a string to the AMD GPU display drivers debug filesystem. There are no checks on size within parse_write_buffer_into_params when it uses the size of copy_from_user to copy a userspace buffer into a 40-byte heap buffer.

Source

Description

The MITRE CVE dictionary describes this issue as:

dp_link_settings_write in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c in the Linux kernel through 5.14.14 allows a heap-based buffer overflow by an attacker who can write a string to the AMD GPU display drivers debug filesystem. There are no checks on size within parse_write_buffer_into_params when it uses the size of copy_from_user to copy a userspace buffer into a 40-byte heap buffer.

Additional Information

  • Bugzilla 2016692: CVE-2021-42327 kernel: heap-based buffer overflow in dp_link_settings_write() in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c
  • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
  • FAQ: Frequently asked questions about CVE-2021-42327

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started