7.1

CVE-2023-52507

nfc: nci: assert requested protocol is valid

In the Linux kernel, the following vulnerability has been resolved:

nfc: nci: assert requested protocol is valid

The protocol is used in a bit mask to determine if the protocol is
supported. Assert the provided protocol is less than the maximum
defined so it doesn't potentially perform a shift-out-of-bounds and
provide a clearer error for undefined protocols vs unsupported ones.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 3.2 < 4.14.328
LinuxLinux Kernel Version >= 4.15 < 4.19.297
LinuxLinux Kernel Version >= 4.20 < 5.4.259
LinuxLinux Kernel Version >= 5.5 < 5.10.199
LinuxLinux Kernel Version >= 5.11 < 5.15.136
LinuxLinux Kernel Version >= 5.16 < 6.1.59
LinuxLinux Kernel Version >= 6.2 < 6.5.8
LinuxLinux Kernel Version6.6 Updaterc1
LinuxLinux Kernel Version6.6 Updaterc2
LinuxLinux Kernel Version6.6 Updaterc3
LinuxLinux Kernel Version6.6 Updaterc4
LinuxLinux Kernel Version6.6 Updaterc5
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.24% 0.144
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.1 1.8 5.2
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

https://git.kernel.org/stable/c/25dd54b95abfdca423b65a4ee620a774777d8213
Patch
https://git.kernel.org/stable/c/2c231a247a1d1628e41fa1eefd1a5307c41c5f53
Patch
https://git.kernel.org/stable/c/354a6e707e29cb0c007176ee5b8db8be7bd2dee0
Patch
https://git.kernel.org/stable/c/6584eba7688dcf999542778b07f63828c21521da
Patch
https://git.kernel.org/stable/c/853dda54ba59ea70d5580a298b7ede4707826848
Patch
https://git.kernel.org/stable/c/95733ea130e35ef9ec5949a5908dde3feaba92cb
Patch
https://git.kernel.org/stable/c/a424807d860ba816aaafc3064b46b456361c0802
Patch
https://git.kernel.org/stable/c/a686f84101680b8442181a8846fbd3c934653729
Patch