CVE-2023-52677

Summary

In the Linux kernel, the following vulnerability has been resolved:

riscv: Check if the code to patch lies in the exit section

Otherwise we fall through to vmalloc_to_page() which panics since the address does not lie in the vmalloc region.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux043cb41a85de1c0e944da61ad7a264960e22c865 < 938f70d14618ec72e10d6fcf8a546134136d7c13affected
LinuxLinux043cb41a85de1c0e944da61ad7a264960e22c865 < 890cfe5337e0aaf03ece1429db04d23c88da72e7affected
LinuxLinux043cb41a85de1c0e944da61ad7a264960e22c865 < 8db56df4a954b774bdc68917046a685a9fa2e4bcaffected
LinuxLinux043cb41a85de1c0e944da61ad7a264960e22c865 < 1d7a03052846f34d624d0ab41a879adf5e85c85faffected
LinuxLinux043cb41a85de1c0e944da61ad7a264960e22c865 < 420370f3ae3d3b883813fd3051a38805160b2b9faffected
LinuxLinux5.7affected
LinuxLinux0 < 5.7unaffected
LinuxLinux5.15.148 <= 5.15.*unaffected
LinuxLinux6.1.75 <= 6.1.*unaffected
LinuxLinux6.6.14 <= 6.6.*unaffected
LinuxLinux6.7.2 <= 6.7.*unaffected
LinuxLinux6.8 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References