{"uuid": "5cfde06d-2d93-4d7f-9940-a0f048fda8c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56695", "type": "seen", "source": "https://t.me/cvedetector/13837", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56695 - AMDGPU Stack Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-56695 \nPublished : Dec. 28, 2024, 10:15 a.m. | 45\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \ndrm/amdkfd: Use dynamic allocation for CU occupancy array in 'kfd_get_cu_occupancy()'  \n  \nThe `kfd_get_cu_occupancy` function previously declared a large  \n`cu_occupancy` array as a local variable, which could lead to stack  \noverflows due to excessive stack usage. This commit replaces the static  \narray allocation with dynamic memory allocation using `kcalloc`,  \nthereby reducing the stack size.  \n  \nThis change avoids the risk of stack overflows in kernel space,  in  \nscenarios where `AMDGPU_MAX_QUEUES` is large. The  allocated memory is  \nfreed using `kfree` before the function returns  to prevent memory  \nleaks.  \n  \nFixes the below with gcc W=1:  \ndrivers/gpu/drm/amd/amdgpu/../amdkfd/kfd_process.c: In function \u2018kfd_get_cu_occupancy\u2019:  \ndrivers/gpu/drm/amd/amdgpu/../amdkfd/kfd_process.c:322:1: warning: the frame size of 1056 bytes is larger than 1024 bytes [-Wframe-larger-than=]  \n  322 | }  \n      | ^ \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-28T12:06:03.000000Z"}