CVE-2023-52512

Summary

In the Linux kernel, the following vulnerability has been resolved:

pinctrl: nuvoton: wpcm450: fix out of bounds write

Write into 'pctrl->gpio_bank' happens before the check for GPIO index validity, so out of bounds write may happen.

Found by Linux Verification Center (linuxtesting.org) with SVACE.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxa1d1e0e3d80a870cc37a6c064994b89e963d2b58 < 6c18c386fd13dbb3ff31a1086dabb526780d9bdaaffected
LinuxLinuxa1d1e0e3d80a870cc37a6c064994b89e963d2b58 < c9d7cac0fd27c74dd368e80dc4b5d0f9f2e13cf8affected
LinuxLinuxa1d1e0e3d80a870cc37a6c064994b89e963d2b58 < 87d315a34133edcb29c4cadbf196ec6c30dfd47baffected
LinuxLinux5.18affected
LinuxLinux0 < 5.18unaffected
LinuxLinux6.1.59 <= 6.1.*unaffected
LinuxLinux6.5.8 <= 6.5.*unaffected
LinuxLinux6.6 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References