CVE-2023-52807

Summary

In the Linux kernel, the following vulnerability has been resolved:

net: hns3: fix out-of-bounds access may occur when coalesce info is read via debugfs

The hns3 driver define an array of string to show the coalesce info, but if the kernel adds a new mode or a new state, out-of-bounds access may occur when coalesce info is read via debugfs, this patch fix the problem.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxc99fead7cb07979f5db38035ccb5f02ad2c7106a < 07f5b8c47152cadbd9102e053dcb60685820aa09affected
LinuxLinuxc99fead7cb07979f5db38035ccb5f02ad2c7106a < be1f703f39efa27b7371b9a4cd983317f1366792affected
LinuxLinuxc99fead7cb07979f5db38035ccb5f02ad2c7106a < f79d985c69060047426be68b7e4c1663d5d731b4affected
LinuxLinuxc99fead7cb07979f5db38035ccb5f02ad2c7106a < 53aba458f23846112c0d44239580ff59bc5c36c3affected
LinuxLinux5.16affected
LinuxLinux0 < 5.16unaffected
LinuxLinux6.1.64 <= 6.1.*unaffected
LinuxLinux6.5.13 <= 6.5.*unaffected
LinuxLinux6.6.3 <= 6.6.*unaffected
LinuxLinux6.7 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References