PT-2023-9737 · Linux+3 · Linux Kernel+3

Publicado

2023-09-26

Atualizado

2025-02-03

CVE-2023-52871

CVSS v3.1

5.5

Média

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to the qcom llcc probe() function in the Linux kernel's llcc component, which can cause a buffer overflow in memory. This can lead to a denial of service. The problem occurs when a second llcc device is present, and even a failed probe call can modify the global drv data pointer. To prevent data corruption, it is necessary to check if drv data is valid before overwriting it.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119

Identificadores relacionados

BDU:2024-10398

CVE-2023-52871

OESA-2024-1693

OESA-2024-1694

OESA-2024-1705

OPENSUSE-SU-2024_2185-1

OPENSUSE-SU-2024_2189-1

SUSE-SU-2024:2008-1

SUSE-SU-2024:2010-1

SUSE-SU-2024:2011-1

SUSE-SU-2024:2019-1

SUSE-SU-2024:2183-1

SUSE-SU-2024:2185-1

SUSE-SU-2024:2189-1

SUSE-SU-2024:2190-1

SUSE-SU-2024:2571-1

SUSE-SU-2024:2896-1

SUSE-SU-2024:2973-1

SUSE-SU-2025:20008-1

SUSE-SU-2025:20028-1

Produtos afetados

Astra Linux

Linux Kernel

Red Os

Suse

PT-2023-9737 · Linux+3 · Linux Kernel+3

CVE-2023-52871

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 2853