{"id":"CVE-2023-54150","summary":"drm/amd: Fix an out of bounds error in BIOS parser","details":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd: Fix an out of bounds error in BIOS parser\n\nThe array is hardcoded to 8 in atomfirmware.h, but firmware provides\na bigger one sometimes. Deferencing the larger array causes an out\nof bounds error.\n\ncommit 4fc1ba4aa589 (\"drm/amd/display: fix array index out of bound error\nin bios parser\") fixed some of this, but there are two other cases\nnot covered by it.  Fix those as well.","modified":"2026-03-20T12:33:28.285034Z","published":"2025-12-24T13:07:01.754Z","related":["SUSE-SU-2026:0263-1","SUSE-SU-2026:0317-1","SUSE-SU-2026:0411-1","SUSE-SU-2026:0617-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/54xxx/CVE-2023-54150.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/5675ecd2e0b00a4318ba1db1a1234e7d45b13d6b"},{"type":"WEB","url":"https://git.kernel.org/stable/c/66acfe798cd08b36cfbb65a30fab3159811304a7"},{"type":"WEB","url":"https://git.kernel.org/stable/c/b8e7589f50b709b647b642531599e70707faf70c"},{"type":"WEB","url":"https://git.kernel.org/stable/c/d116db180decec1b21bba31d2ff495ac4d8e1b83"},{"type":"WEB","url":"https://git.kernel.org/stable/c/dea2dbec716c38a0b73b6ad01d91e2b120cc5f1e"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/54xxx/CVE-2023-54150.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-54150"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"ae79c310b1a6f97429a5784b65f125d9cc9c95b1"},{"fixed":"b8e7589f50b709b647b642531599e70707faf70c"},{"fixed":"66acfe798cd08b36cfbb65a30fab3159811304a7"},{"fixed":"5675ecd2e0b00a4318ba1db1a1234e7d45b13d6b"},{"fixed":"dea2dbec716c38a0b73b6ad01d91e2b120cc5f1e"},{"fixed":"d116db180decec1b21bba31d2ff495ac4d8e1b83"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-54150.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"4.15.0"},{"fixed":"5.10.181"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.11.0"},{"fixed":"5.15.113"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"6.1.30"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.3.4"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-54150.json"}}],"schema_version":"1.7.5"}