CVE-2023-52649
drm/vkms: Avoid reading beyond LUT array
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In the Linux kernel, the following vulnerability has been resolved:
drm/vkms: Avoid reading beyond LUT array
When the floor LUT index (drm_fixp2int(lut_index) is the last
index of the array the ceil LUT index will point to an entry
beyond the array. Make sure we guard against it and use the
value of the floor LUT index.
v3:
- Drop bits from commit description that didn't contribute
anything of value
En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/vkms: Evite leer más allá de la matriz LUT Cuando el índice LUT de piso (drm_fixp2int(lut_index) es el último índice de la matriz, el índice LUT de techo apuntará a una entrada más allá de la matriz Asegúrese de protegernos contra esto y usar el valor del índice LUT de piso v3: - Elimine los bits de la descripción de confirmación que no contribuyeron con nada de valor.
An array read overflow vulnerability was found in drivers/gpu/drm/vkms/vkms_composer.c in the Linux kernel. This issue may lead to a crash.
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2024-03-06 CVE Reserved
- 2024-05-01 CVE Published
- 2024-05-02 EPSS Updated
- 2024-12-19 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (7)
URL | Tag | Source |
---|---|---|
https://git.kernel.org/stable/c/db1f254f2cfaf0510ae34fa2311a8d749e95179a | Vuln. Introduced |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://access.redhat.com/security/cve/CVE-2023-52649 | 2024-11-12 | |
https://bugzilla.redhat.com/show_bug.cgi?id=2278524 | 2024-11-12 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 6.6 < 6.6.23 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.6 < 6.6.23" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 6.6 < 6.7.11 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.6 < 6.7.11" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 6.6 < 6.8.2 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.6 < 6.8.2" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 6.6 < 6.9 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.6 < 6.9" | en |
Affected
|