7.1

CVE-2023-53675

scsi: ses: Fix possible desc_ptr out-of-bounds accesses

In the Linux kernel, the following vulnerability has been resolved:

scsi: ses: Fix possible desc_ptr out-of-bounds accesses

Sanitize possible desc_ptr out-of-bounds accesses in
ses_enclosure_data_process().
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 2.6.25 < 4.14.308
LinuxLinux Kernel Version >= 4.15 < 4.19.276
LinuxLinux Kernel Version >= 4.20 < 5.4.235
LinuxLinux Kernel Version >= 5.5 < 5.10.173
LinuxLinux Kernel Version >= 5.11 < 5.15.99
LinuxLinux Kernel Version >= 5.16 < 6.1.16
LinuxLinux Kernel Version >= 6.2 < 6.2.3
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.14% 0.038
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.1 1.8 5.2
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

https://git.kernel.org/stable/c/72021ae61a2bc6ca73cd593e255a10ed5f5dc5e7
Patch
https://git.kernel.org/stable/c/cffe09ca0555e235a42d6fa065e463c4b3d5b657
Patch
https://git.kernel.org/stable/c/79ec5dd5fb07ecaea2f978c2d7a9f2f3526e4d19
Patch
https://git.kernel.org/stable/c/c315560e3ef77c1d822249f1743e647dc9c9912a
Patch
https://git.kernel.org/stable/c/584892fd29a41ef424a148118a3103b16b94fb8c
Patch
https://git.kernel.org/stable/c/414418abc19fa4ccf730d273061a426c07a061d6
Patch
https://git.kernel.org/stable/c/4b8cae410472653a59e15af62c57c49b8e0a1201
Patch
https://git.kernel.org/stable/c/801ab13d50cf3d26170ee073ea8bb4eececb76ab
Patch