CVE-2023-52857

Summary

In the Linux kernel, the following vulnerability has been resolved:

drm/mediatek: Fix coverity issue with unintentional integer overflow

  1. Instead of multiplying 2 variable of different types. Change to assign a value of one variable and then multiply the other variable.

  2. Add a int variable for multiplier calculation instead of calculating different types multiplier with dma_addr_t variable directly.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux1a64a7aff8da352c9419de3d5c34343682916411 < a12bd675100531f9fb4508fd4430dd1632325a0eaffected
LinuxLinux1a64a7aff8da352c9419de3d5c34343682916411 < 0d8a1df39d3fc34560e2cc663b5c340d06a25396affected
LinuxLinux1a64a7aff8da352c9419de3d5c34343682916411 < 96312a251d4dcee5d36e32edba3002bfde0ddd9caffected
LinuxLinux1a64a7aff8da352c9419de3d5c34343682916411 < b0b0d811eac6b4c52cb9ad632fa6384cf48869e7affected
LinuxLinux73e81f7219aa582d8e55a7b6552f607a8e5a9724affected
LinuxLinux5.13.12 < 5.14affected
LinuxLinux5.14affected
LinuxLinux0 < 5.14unaffected
LinuxLinux6.1.132 <= 6.1.*unaffected
LinuxLinux6.5.12 <= 6.5.*unaffected
LinuxLinux6.6.2 <= 6.6.*unaffected
LinuxLinux6.7 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References