cve/2024/CVE-2024-49970.md

### [CVE-2024-49970](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-49970)
![](https://img.shields.io/static/v1?label=Product&message=Linux&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=4.15%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=blue)

### Description

In the Linux kernel, the following vulnerability has been resolved:drm/amd/display: Implement bounds check for stream encoder creation in DCN401'stream_enc_regs' array is an array of dcn10_stream_enc_registersstructures. The array is initialized with four elements, correspondingto the four calls to stream_enc_regs() in the array initializer. Thismeans that valid indices for this array are 0, 1, 2, and 3.The error message 'stream_enc_regs' 4 <= 5 below, is indicating thatthere is an attempt to access this array with an index of 5, which isout of bounds. This could lead to undefined behaviorHere, eng_id is used as an index to access the stream_enc_regs array. Ifeng_id is 5, this would result in an out-of-bounds access on thestream_enc_regs array.Thus fixing Buffer overflow error in dcn401_stream_encoder_createFound by smatch:drivers/gpu/drm/amd/amdgpu/../display/dc/resource/dcn401/dcn401_resource.c:1209 dcn401_stream_encoder_create() error: buffer overflow 'stream_enc_regs' 4 <= 5

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/fkie-cad/nvd-json-data-feeds