CVE-2023-52495

Summary

In the Linux kernel, the following vulnerability has been resolved:

soc: qcom: pmic_glink_altmode: fix port sanity check

The PMIC GLINK altmode driver currently supports at most two ports.

Fix the incomplete port sanity check on notifications to avoid accessing and corrupting memory beyond the port array if we ever get a notification for an unsupported port.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux080b4e24852b1d5b66929f69344e6c3eeb963941 < 532a5557da6892a6b2d5793052e1bce1f4c9e177affected
LinuxLinux080b4e24852b1d5b66929f69344e6c3eeb963941 < d26edf4ee3672cc9828f2a3ffae34086a712574daffected
LinuxLinux080b4e24852b1d5b66929f69344e6c3eeb963941 < c4fb7d2eac9ff9bfc35a2e4d40c7169a332416e0affected
LinuxLinux6.3affected
LinuxLinux0 < 6.3unaffected
LinuxLinux6.6.15 <= 6.6.*unaffected
LinuxLinux6.7.3 <= 6.7.*unaffected
LinuxLinux6.8 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References