7.8
CVE-2023-52812
- EPSS 0.26%
- Veröffentlicht 21.05.2024 16:15:19
- Zuletzt bearbeitet 25.11.2025 17:26:19
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
drm/amd: check num of link levels when update pcie param
In the Linux kernel, the following vulnerability has been resolved: drm/amd: check num of link levels when update pcie param In SR-IOV environment, the value of pcie_table->num_of_link_levels will be 0, and num_of_levels - 1 will cause array index out of bounds
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Debian ≫ Debian Linux Version11.0
Linux ≫ Linux Kernel Version >= 5.19 < 6.1.119
Linux ≫ Linux Kernel Version >= 6.2 < 6.5.13
Linux ≫ Linux Kernel Version >= 6.6 < 6.6.3
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.26% | 0.173 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-129 Improper Validation of Array Index
The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.
https://git.kernel.org/stable/c/09f617219fe9ccd8d7b65dc3e879b5889f663b5a
https://git.kernel.org/stable/c/2f2d48b6247ae3001f83c98730b3cce475cb2927
https://git.kernel.org/stable/c/406e8845356d18bdf3d3a23b347faf67706472ec
https://git.kernel.org/stable/c/5b4574b663d0a1a0a62d5232429b7db9ae6d0670
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html