CVE-2023-53309

Summary

In the Linux kernel, the following vulnerability has been resolved:

drm/radeon: Fix integer overflow in radeon_cs_parser_init

The type of size is unsigned, if size is 0x40000000, there will be an integer overflow, size will be zero after size *= sizeof(uint32_t), will cause uninitialized memory to be referenced later

Affected Software

VendorProductVersion RangeStatus
LinuxLinux28a326c592e3e444c59f28b3e60c3b07692928d6 < d05ba46134d07e889de7d23cf8503574a22ede09affected
LinuxLinux28a326c592e3e444c59f28b3e60c3b07692928d6 < cfa9148bafb2d3292b65de1bac79dcca65be2643affected
LinuxLinux28a326c592e3e444c59f28b3e60c3b07692928d6 < b8fab6aebdf2115ec2d7bd2f3498d5b911ff351eaffected
LinuxLinux28a326c592e3e444c59f28b3e60c3b07692928d6 < e6825b30d37fe89ceb87f926d33d4fad321a331eaffected
LinuxLinux28a326c592e3e444c59f28b3e60c3b07692928d6 < c0d7dbc6b7a61a56028118c00af2c8319d44a682affected
LinuxLinux28a326c592e3e444c59f28b3e60c3b07692928d6 < 2e1be420b86980c25a75325e90dfc3fc73126f61affected
LinuxLinux28a326c592e3e444c59f28b3e60c3b07692928d6 < 25e634d7f44eb13113139040e5366bebe48c882faffected
LinuxLinux28a326c592e3e444c59f28b3e60c3b07692928d6 < f828b681d0cd566f86351c0b913e6cb6ed8c7b9caffected
LinuxLinux3.13affected
LinuxLinux0 < 3.13unaffected
LinuxLinux4.14.324 <= 4.14.*unaffected
LinuxLinux4.19.293 <= 4.19.*unaffected
LinuxLinux5.4.255 <= 5.4.*unaffected
LinuxLinux5.10.192 <= 5.10.*unaffected
LinuxLinux5.15.123 <= 5.15.*unaffected
LinuxLinux6.1.42 <= 6.1.*unaffected
LinuxLinux6.4.7 <= 6.4.*unaffected
LinuxLinux6.5 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References