CVE-2024-57983
7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved:
mailbox: th1520: Fix memory corruption due to incorrect array size
The functions th1520_mbox_suspend_noirq and th1520_mbox_resume_noirq are intended to save and restore the interrupt mask registers in the MBOX ICU0. However, the array used to store these registers was incorrectly sized, leading to memory corruption when accessing all four registers.
This commit corrects the array size to accommodate all four interrupt mask registers, preventing memory corruption during suspend and resume operations.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 5d4d263e1c6b6b18acb4d67fd3b9af71b7404924 < 2cd12c7fba59f30369e8647a2b726c7280903304 | affected |
| Linux | Linux | 5d4d263e1c6b6b18acb4d67fd3b9af71b7404924 < db049866943a38bf46a34fa120d526663339d7a5 | affected |
| Linux | Linux | 6.13 | affected |
| Linux | Linux | 0 < 6.13 | unaffected |
| Linux | Linux | 6.13.2 <= 6.13.* | unaffected |
| Linux | Linux | 6.14 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
- https://git.kernel.org/stable/c/2cd12c7fba59f30369e8647a2b726c7280903304
- https://git.kernel.org/stable/c/db049866943a38bf46a34fa120d526663339d7a5
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.