CVE-2023-52494

Summary

In the Linux kernel, the following vulnerability has been resolved:

bus: mhi: host: Add alignment check for event ring read pointer

Though we do check the event ring read pointer by "is_valid_ring_ptr" to make sure it is in the buffer range, but there is another risk the pointer may be not aligned. Since we are expecting event ring elements are 128 bits(struct mhi_ring_element) aligned, an unaligned read pointer could lead to multiple issues like DoS or ring buffer memory corruption.

So add a alignment check for event ring read pointer.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxec32332df7645e0ba463a08d483fe97665167071 < 94991728c84f8df54fd9eec9b85855ef9057ea08affected
LinuxLinuxec32332df7645e0ba463a08d483fe97665167071 < 2df39ac8f813860f79782807c3f7acff40b3c551affected
LinuxLinuxec32332df7645e0ba463a08d483fe97665167071 < a9ebfc405fe1be145f414eafadcbf09506082010affected
LinuxLinuxec32332df7645e0ba463a08d483fe97665167071 < ecf8320111822a1ae5d5fc512953eab46d543d0baffected
LinuxLinuxec32332df7645e0ba463a08d483fe97665167071 < eff9704f5332a13b08fbdbe0f84059c9e7051d5faffected
LinuxLinuxa1d2bd164c1c78f87968b7883964175ec41c32aeaffected
LinuxLinuxfd5f40fc887485a8b9a6806a640a0d8e0ef1afb6affected
LinuxLinux76879a980cd5ede4cb9a638999fb80d37bc09db5affected
LinuxLinux5.10.36 < 5.11affected
LinuxLinux5.11.20 < 5.12affected
LinuxLinux5.12.3 < 5.13affected
LinuxLinux5.13affected
LinuxLinux0 < 5.13unaffected
LinuxLinux5.15.149 <= 5.15.*unaffected
LinuxLinux6.1.76 <= 6.1.*unaffected
LinuxLinux6.6.15 <= 6.6.*unaffected
LinuxLinux6.7.3 <= 6.7.*unaffected
LinuxLinux6.8 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References