5.5

CVE-2023-53309

drm/radeon: Fix integer overflow in radeon_cs_parser_init

In the Linux kernel, the following vulnerability has been resolved:

drm/radeon: Fix integer overflow in radeon_cs_parser_init

The type of size is unsigned, if size is 0x40000000, there will be an
integer overflow, size will be zero after size *= sizeof(uint32_t),
will cause uninitialized memory to be referenced later
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 4.14.324
LinuxLinux Kernel Version >= 4.15 < 4.19.293
LinuxLinux Kernel Version >= 4.20 < 5.4.255
LinuxLinux Kernel Version >= 5.5 < 5.10.192
LinuxLinux Kernel Version >= 5.11 < 5.15.123
LinuxLinux Kernel Version >= 5.16 < 6.1.42
LinuxLinux Kernel Version >= 6.2 < 6.4.7
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.15% 0.041
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-190 Integer Overflow or Wraparound

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

https://git.kernel.org/stable/c/d05ba46134d07e889de7d23cf8503574a22ede09
Patch
https://git.kernel.org/stable/c/cfa9148bafb2d3292b65de1bac79dcca65be2643
Patch
https://git.kernel.org/stable/c/b8fab6aebdf2115ec2d7bd2f3498d5b911ff351e
Patch
https://git.kernel.org/stable/c/e6825b30d37fe89ceb87f926d33d4fad321a331e
Patch
https://git.kernel.org/stable/c/c0d7dbc6b7a61a56028118c00af2c8319d44a682
Patch
https://git.kernel.org/stable/c/2e1be420b86980c25a75325e90dfc3fc73126f61
Patch
https://git.kernel.org/stable/c/25e634d7f44eb13113139040e5366bebe48c882f
Patch
https://git.kernel.org/stable/c/f828b681d0cd566f86351c0b913e6cb6ed8c7b9c
Patch