5.5
CVE-2023-52429
- EPSS 0.02%
- Published 12.02.2024 03:15:32
- Last modified 25.03.2025 16:15:17
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
dm_table_create in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to (in alloc_targets) allocate more than INT_MAX bytes, and crash, because of a missing check for struct dm_ioctl.target_count.
Data is provided by the National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version < 5.10.210
Linux ≫ Linux Kernel Version >= 5.11.0 < 5.15.149
Linux ≫ Linux Kernel Version >= 5.16.0 < 6.1.79
Linux ≫ Linux Kernel Version >= 6.2.0 < 6.6.18
Linux ≫ Linux Kernel Version >= 6.7.0 < 6.7.6
Fedoraproject ≫ Fedora Version38
Fedoraproject ≫ Fedora Version39
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.02% | 0.035 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-754 Improper Check for Unusual or Exceptional Conditions
The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.
CWE-789 Memory Allocation with Excessive Size Value
The product allocates memory based on an untrusted, large size value, but it does not ensure that the size is within expected limits, allowing arbitrary amounts of memory to be allocated.