cve/2024/CVE-2024-56695.md

### [CVE-2024-56695](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56695)
![](https://img.shields.io/static/v1?label=Product&message=Linux&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=6.12%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=6ae9e1aba97e4cdaa31a0bfdc07497ad0e915c84%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=blue)

### Description

In the Linux kernel, the following vulnerability has been resolved:drm/amdkfd: Use dynamic allocation for CU occupancy array in 'kfd_get_cu_occupancy()'The `kfd_get_cu_occupancy` function previously declared a large`cu_occupancy` array as a local variable, which could lead to stackoverflows due to excessive stack usage. This commit replaces the staticarray allocation with dynamic memory allocation using `kcalloc`,thereby reducing the stack size.This change avoids the risk of stack overflows in kernel space,  inscenarios where `AMDGPU_MAX_QUEUES` is large. The  allocated memory isfreed using `kfree` before the function returns  to prevent memoryleaks.Fixes the below with gcc W=1:drivers/gpu/drm/amd/amdgpu/../amdkfd/kfd_process.c: In function ‘kfd_get_cu_occupancy’:drivers/gpu/drm/amd/amdgpu/../amdkfd/kfd_process.c:322:1: warning: the frame size of 1056 bytes is larger than 1024 bytes [-Wframe-larger-than=]  322 | }      | ^

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/cku-heise/euvd-api-doc
- https://github.com/fkie-cad/nvd-json-data-feeds