5.6

CVE-2023-52768

wifi: wilc1000: use vmm_table as array in wilc struct

In the Linux kernel, the following vulnerability has been resolved:

wifi: wilc1000: use vmm_table as array in wilc struct

Enabling KASAN and running some iperf tests raises some memory issues with
vmm_table:

BUG: KASAN: slab-out-of-bounds in wilc_wlan_handle_txq+0x6ac/0xdb4
Write of size 4 at addr c3a61540 by task wlan0-tx/95

KASAN detects that we are writing data beyond range allocated to vmm_table.
There is indeed a mismatch between the size passed to allocator in
wilc_wlan_init, and the range of possible indexes used later: allocation
size is missing a multiplication by sizeof(u32)
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.15.68 < 5.15.140
LinuxLinux Kernel Version >= 5.19.9 < 6.1.64
LinuxLinux Kernel Version >= 6.2 < 6.5.13
LinuxLinux Kernel Version >= 6.6 < 6.6.3
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.23% 0.137
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.6 0.8 4.7
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H
CWE-129 Improper Validation of Array Index

The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.

https://git.kernel.org/stable/c/05ac1a198a63ad66bf5ae8b7321407c102d40ef3
Patch
https://git.kernel.org/stable/c/3ce1c2c3999b232258f7aabab311d47dda75605c
Patch
https://git.kernel.org/stable/c/4b0d6ddb6466d10df878a7787f175a0e4adc3e27
Patch
https://git.kernel.org/stable/c/541b3757fd443a68ed8d25968eae511a8275e7c8
Patch
https://git.kernel.org/stable/c/6aaf7cd8bdfe245d3c9a8b48fe70c2011965948e
Patch