CVE-2023-52565

Summary

In the Linux kernel, the following vulnerability has been resolved:

media: uvcvideo: Fix OOB read

If the index provided by the user is bigger than the mask size, we might do an out of bound read.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux367703c3ec4f72208b8cae14310b8a2c955ec565 < 09635bf4cdd4adf2160198a6041bcc7ca46c0558affected
LinuxLinux40140eda661ea4be219ef194a4f43b7b5e3bbd27 < 8bcf70d787f7d53a3b85ad394f926cfef3eed023affected
LinuxLinux40140eda661ea4be219ef194a4f43b7b5e3bbd27 < 41ebaa5e0eebea4c3bac96b72f9f8ae0d77c0bdbaffected
LinuxLinux42cbbc6b2c39b02e07cbd24dc2155d4edb99dd04affected
LinuxLinux6.1.16 < 6.1.56affected
LinuxLinux6.2.3 < 6.3affected
LinuxLinux6.3affected
LinuxLinux0 < 6.3unaffected
LinuxLinux6.1.56 <= 6.1.*unaffected
LinuxLinux6.5.6 <= 6.5.*unaffected
LinuxLinux6.6 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References