-

CVE-2023-52669

EPSS 0.02%
Veröffentlicht 17.05.2024 14:15:09
Zuletzt bearbeitet 21.11.2024 08:40:19
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

crypto: s390/aes - Fix buffer overread in CTR mode

When processing the last block, the s390 ctr code will always read
a whole block, even if there isn't a whole block of data left.  Fix
this by using the actual length left and copy it into a buffer first
for processing.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 10

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < cd51e26a3b89706beec64f2d8296cfb1c34e0c79

Version 0200f3ecc19660bebeabbcbaf212957fcf1dbf8f

Status affected

Version < a7f580cdb42ec3d53bbb7c4e4335a98423703285

Version 0200f3ecc19660bebeabbcbaf212957fcf1dbf8f

Status affected

Version < dbc9a791a70ea47be9f2acf251700fe254a2ab23

Version 0200f3ecc19660bebeabbcbaf212957fcf1dbf8f

Status affected

Version < d68ac38895e84446848b7647ab9458d54cacba3e

Version 0200f3ecc19660bebeabbcbaf212957fcf1dbf8f

Status affected

Version < e78f1a43e72daf77705ad5b9946de66fc708b874

Version 0200f3ecc19660bebeabbcbaf212957fcf1dbf8f

Status affected

Version < d07f951903fa9922c375b8ab1ce81b18a0034e3b

Version 0200f3ecc19660bebeabbcbaf212957fcf1dbf8f

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 3.0

Status affected

Version < 3.0

Version 0

Status unaffected

Version <= 5.10.*

Version 5.10.210

Status unaffected

Version <= 5.15.*

Version 5.15.149

Status unaffected

Version <= 6.1.*

Version 6.1.76

Status unaffected

Version <= 6.6.*

Version 6.6.15

Status unaffected

Version <= 6.7.*

Version 6.7.3

Status unaffected

Version <= *

Version 6.8

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.049

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html

https://git.kernel.org/stable/c/a7f580cdb42ec3d53bbb7c4e4335a98423703285

https://git.kernel.org/stable/c/cd51e26a3b89706beec64f2d8296cfb1c34e0c79

https://git.kernel.org/stable/c/d07f951903fa9922c375b8ab1ce81b18a0034e3b

https://git.kernel.org/stable/c/d68ac38895e84446848b7647ab9458d54cacba3e

https://git.kernel.org/stable/c/dbc9a791a70ea47be9f2acf251700fe254a2ab23

https://git.kernel.org/stable/c/e78f1a43e72daf77705ad5b9946de66fc708b874

https://nvd.nist.gov/vuln/detail/CVE-2023-52669

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-52669

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-52669

EUVD