drivers/amd/pm: fix a use-after-free in kv_parse_power_table
stable inclusion from stable-v4.19.305 commit 8a27d9d9fc9b5564b8904c3a77a7dea482bfa34e category: bugfix bugzilla: https://gitee.com/openeuler/kernel/issues/I94FUJ CVE: CVE-2023-52469 Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=8a27d9d9fc9b5564b8904c3a77a7dea482bfa34e -------------------------------- [ Upstream commit 28dd788382c43b330480f57cd34cde0840896743 ] When ps allocated by kzalloc equals to NULL, kv_parse_power_table frees adev->pm.dpm.ps that allocated before. However, after the control flow goes through the following call chains: kv_parse_power_table |-> kv_dpm_init |-> kv_dpm_sw_init |-> kv_dpm_fini The adev->pm.dpm.ps is used in the for loop of kv_dpm_fini after its first free in kv_parse_power_table and causes a use-after-free bug. Fixes: a2e73f56 ("drm/amdgpu: Add support for CIK parts") Signed-off-by:Zhipeng Lu <alexious@zju.edu.cn> Signed-off-by:
Loading
Please sign in to comment