CVE-2023-52683
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
ACPI: LPIT: Avoid u32 multiplication overflow
In lpit_update_residency() there is a possibility of overflow in multiplication, if tsc_khz is large enough (> UINT_MAX/1000).
Change multiplication to mul_u32_u32().
Found by Linux Verification Center (linuxtesting.org) with SVACE.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | eeb2d80d502af28e5660ff4bbe00f90ceb82c2db < 647d1d50c31e60ef9ccb9756a8fdf863329f7aee | affected |
| Linux | Linux | eeb2d80d502af28e5660ff4bbe00f90ceb82c2db < 6c38e791bde07d6ca2a0a619ff9b6837e0d5f9ad | affected |
| Linux | Linux | eeb2d80d502af28e5660ff4bbe00f90ceb82c2db < f39c3d578c7d09a18ceaf56750fc7f20b02ada63 | affected |
| Linux | Linux | eeb2d80d502af28e5660ff4bbe00f90ceb82c2db < c1814a4ffd016ce5392c6767d22ef3aa2f0d4bd1 | affected |
| Linux | Linux | eeb2d80d502af28e5660ff4bbe00f90ceb82c2db < 72222dfd76a79d9666ab3117fcdd44ca8cd0c4de | affected |
| Linux | Linux | eeb2d80d502af28e5660ff4bbe00f90ceb82c2db < d1ac288b2742aa4af746c5613bac71760fadd1c4 | affected |
| Linux | Linux | eeb2d80d502af28e5660ff4bbe00f90ceb82c2db < b7aab9d906e2e252a7783f872406033ec49b6dae | affected |
| Linux | Linux | eeb2d80d502af28e5660ff4bbe00f90ceb82c2db < 56d2eeda87995245300836ee4dbd13b002311782 | affected |
| Linux | Linux | 4.15 | affected |
| Linux | Linux | 0 < 4.15 | unaffected |
| Linux | Linux | 4.19.306 <= 4.19.* | unaffected |
| Linux | Linux | 5.4.268 <= 5.4.* | unaffected |
| Linux | Linux | 5.10.209 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.148 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.75 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.14 <= 6.6.* | unaffected |
| Linux | Linux | 6.7.2 <= 6.7.* | unaffected |
| Linux | Linux | 6.8 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
- https://git.kernel.org/stable/c/647d1d50c31e60ef9ccb9756a8fdf863329f7aee
- https://git.kernel.org/stable/c/6c38e791bde07d6ca2a0a619ff9b6837e0d5f9ad
- https://git.kernel.org/stable/c/f39c3d578c7d09a18ceaf56750fc7f20b02ada63
- https://git.kernel.org/stable/c/c1814a4ffd016ce5392c6767d22ef3aa2f0d4bd1
- https://git.kernel.org/stable/c/72222dfd76a79d9666ab3117fcdd44ca8cd0c4de
- https://git.kernel.org/stable/c/d1ac288b2742aa4af746c5613bac71760fadd1c4
- https://git.kernel.org/stable/c/b7aab9d906e2e252a7783f872406033ec49b6dae
- https://git.kernel.org/stable/c/56d2eeda87995245300836ee4dbd13b002311782
- https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
References
- https://git.kernel.org/stable/c/647d1d50c31e60ef9ccb9756a8fdf863329f7aee
- https://git.kernel.org/stable/c/6c38e791bde07d6ca2a0a619ff9b6837e0d5f9ad
- https://git.kernel.org/stable/c/f39c3d578c7d09a18ceaf56750fc7f20b02ada63
- https://git.kernel.org/stable/c/c1814a4ffd016ce5392c6767d22ef3aa2f0d4bd1
- https://git.kernel.org/stable/c/72222dfd76a79d9666ab3117fcdd44ca8cd0c4de
- https://git.kernel.org/stable/c/d1ac288b2742aa4af746c5613bac71760fadd1c4
- https://git.kernel.org/stable/c/b7aab9d906e2e252a7783f872406033ec49b6dae
- https://git.kernel.org/stable/c/56d2eeda87995245300836ee4dbd13b002311782
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.