CVE-2023-52871

soc: qcom: llcc: Handle a second device without data corruption

Severity Score

"-"

*CVSS v-

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved:

soc: qcom: llcc: Handle a second device without data corruption

Usually there is only one llcc device. But if there were a second, even
a failed probe call would modify the global drv_data pointer. So check
if drv_data is valid before overwriting it.

En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: soc: qcom: llcc: Manejar un segundo dispositivo sin corrupción de datos. Generalmente solo hay un dispositivo llcc. Pero si hubiera un segundo, incluso una llamada de sonda fallida modificaría el puntero global drv_data. Así que verifique si drv_data es válido antes de sobrescribirlo.

*Credits: N/A

CVSS Scores

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-05-21 CVE Reserved
2024-05-21 CVE Published
2024-05-22 EPSS Updated
2024-08-02 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (8)

URL	Tag	Source
https://git.kernel.org/stable/c/a3134fb09e0bc5bee76e13bf863173b86f21cf87	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/cc1a1dcb411fe224f48553cfdcdfe6e61395b69c	2023-11-20
https://git.kernel.org/stable/c/5e5b85ea0f4bc484bfe4cc73ead51fa48d2366a0	2023-11-20
https://git.kernel.org/stable/c/995ee1e84e8db7fa5dcdde7dfe0bd7bb6f9bbb8c	2023-11-20
https://git.kernel.org/stable/c/f0ef883cae309bc5e8cdfcdbc1b4822732ce20a8	2023-11-20
https://git.kernel.org/stable/c/3565684309e54fa998ea27f37028d67cc3e1dff2	2023-11-20
https://git.kernel.org/stable/c/1143bfb9b055897975aeaea254da148e19524493	2023-11-20
https://git.kernel.org/stable/c/f1a1bc8775b26345aba2be278118999e7f661d3d	2023-09-27

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.19 < 5.4.261 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.19 < 5.4.261"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.19 < 5.10.201 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.19 < 5.10.201"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.19 < 5.15.139 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.19 < 5.15.139"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.19 < 6.1.63 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.19 < 6.1.63"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.19 < 6.5.12 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.19 < 6.5.12"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.19 < 6.6.2 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.19 < 6.6.2"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.19 < 6.7 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.19 < 6.7"		en		Affected