CVE-2023-52812

EPSS 0.01%
Veröffentlicht 21.05.2024 16:15:19
Zuletzt bearbeitet 03.11.2025 22:16:31
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

drm/amd: check num of link levels when update pcie param

In SR-IOV environment, the value of pcie_table->num_of_link_levels will
be 0, and num_of_levels - 1 will cause array index out of bounds

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 8

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version < 6.5.13

Linux ≫ Linux Kernel Version >= 6.6 < 6.6.3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.01%	0.013

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-129 Improper Validation of Array Index

The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.

https://git.kernel.org/stable/c/09f617219fe9ccd8d7b65dc3e879b5889f663b5a

Patch

https://git.kernel.org/stable/c/2f2d48b6247ae3001f83c98730b3cce475cb2927

Patch

https://git.kernel.org/stable/c/406e8845356d18bdf3d3a23b347faf67706472ec

Patch

https://git.kernel.org/stable/c/5b4574b663d0a1a0a62d5232429b7db9ae6d0670

Patch

https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

https://nvd.nist.gov/vuln/detail/CVE-2023-52812

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-52812

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-52812

EUVD