7.8
CVE-2023-52764
- EPSS 0.01%
- Veröffentlicht 21.05.2024 16:15:15
- Zuletzt bearbeitet 23.09.2025 19:52:13
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- Teams Watchlist Login
- Unerledigt Login
In the Linux kernel, the following vulnerability has been resolved: media: gspca: cpia1: shift-out-of-bounds in set_flicker Syzkaller reported the following issue: UBSAN: shift-out-of-bounds in drivers/media/usb/gspca/cpia1.c:1031:27 shift exponent 245 is too large for 32-bit type 'int' When the value of the variable "sd->params.exposure.gain" exceeds the number of bits in an integer, a shift-out-of-bounds error is reported. It is triggered because the variable "currentexp" cannot be left-shifted by more than the number of bits in an integer. In order to avoid invalid range during left-shift, the conditional expression is added.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. Login
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version < 4.14.331
Linux ≫ Linux Kernel Version >= 4.15 < 4.19.300
Linux ≫ Linux Kernel Version >= 4.20 < 5.4.262
Linux ≫ Linux Kernel Version >= 5.5 < 5.10.202
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.140
Linux ≫ Linux Kernel Version >= 5.16 < 6.1.64
Linux ≫ Linux Kernel Version >= 6.2 < 6.5.13
Linux ≫ Linux Kernel Version >= 6.6 < 6.6.3
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.01% | 0.01 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-787 Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.