CVE-2023-52512
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved:
pinctrl: nuvoton: wpcm450: fix out of bounds write
Write into 'pctrl->gpio_bank' happens before the check for GPIO index validity, so out of bounds write may happen.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | a1d1e0e3d80a870cc37a6c064994b89e963d2b58 < 6c18c386fd13dbb3ff31a1086dabb526780d9bda | affected |
| Linux | Linux | a1d1e0e3d80a870cc37a6c064994b89e963d2b58 < c9d7cac0fd27c74dd368e80dc4b5d0f9f2e13cf8 | affected |
| Linux | Linux | a1d1e0e3d80a870cc37a6c064994b89e963d2b58 < 87d315a34133edcb29c4cadbf196ec6c30dfd47b | affected |
| Linux | Linux | 5.18 | affected |
| Linux | Linux | 0 < 5.18 | unaffected |
| Linux | Linux | 6.1.59 <= 6.1.* | unaffected |
| Linux | Linux | 6.5.8 <= 6.5.* | unaffected |
| Linux | Linux | 6.6 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
- https://git.kernel.org/stable/c/6c18c386fd13dbb3ff31a1086dabb526780d9bda
- https://git.kernel.org/stable/c/c9d7cac0fd27c74dd368e80dc4b5d0f9f2e13cf8
- https://git.kernel.org/stable/c/87d315a34133edcb29c4cadbf196ec6c30dfd47b
References
- https://git.kernel.org/stable/c/6c18c386fd13dbb3ff31a1086dabb526780d9bda
- https://git.kernel.org/stable/c/c9d7cac0fd27c74dd368e80dc4b5d0f9f2e13cf8
- https://git.kernel.org/stable/c/87d315a34133edcb29c4cadbf196ec6c30dfd47b
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.