cve 2024 26914

CVE-2024-26914 is a Linux kernel vulnerability affecting AMD GPU display code. The issue involves an array-bounds error in the AMD DRM driver where an incorrect constant (MAX_SURFACES instead of MAX_PLANES) was used to size the mpc_combine array, potentially allowing an out-of-bounds write when a GPU has more planes than the per-stream limit. A patch has been released to fix this by using the hardware-wide MAX_PLANES for allocation, and it has been included in stable kernel trees and distribution security advisories. This tag covers discussions and updates related to this specific CVE.