PT-2023-8772 · Linux · Linux Kernel

Publicado

2023-11-24

Atualizado

2025-03-26

CVE-2023-52461

CVSS v2.0

6.6

Média

Vetor

AV:L/AC:L/Au:N/C:C/I:N/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to insufficient bounds control in the drm sched entity init() function within the Linux kernel's DRM driver. This could potentially allow an attacker to impact the confidentiality and availability of protected information. The vulnerability occurs when a malformed entity is given to drm sched entity init() with an out-of-bounds priority value. The function should set this value to an allowed limit, but the expression that sets this limit is flawed.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-19

Identificadores relacionados

BDU:2024-01857

CVE-2023-52461

OPENSUSE-SU-2024:13767-1

OPENSUSE-SU-2025:14705-1

Produtos afetados

Linux Kernel

PT-2023-8772 · Linux · Linux Kernel

CVE-2023-52461

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 524