PT-2023-8770 · Linux+10 · Linux Kernel+10
Nathan Lynch
·
Published
2023-12-01
·
Updated
2025-09-29
·
CVE-2023-52451
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
The vulnerability is related to the
dlpar memory remove by index() function in the powerpc/pseries/memhp module of the Linux kernel. This function may access beyond the bounds of the drmem lmb array when the LMB lookup fails to match an entry with the given DRC index. As a result, the cursor is left pointing to an invalid entry, and the debug message at the end of the function then dereferences this pointer, leading to a slab-out-of-bounds error. This issue was found by inspection and confirmed with KASAN.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Out of bounds Read
Improper Validation of Array Index
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Linux Kernel
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu