PT-2023-9357 · Linux+5 · Linux Kernel+5

Dan Carpenter

Published

2023-11-21

Updated

2024-11-04

CVE-2023-52602

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to an out-of-bounds access in the dtSearch component of the Linux kernel. This occurs while searching for the current page in the sorted entry table of the page. The error has been fixed by adding a bound check. The vulnerability may allow an attacker to access confidential data, compromise its integrity, and cause a denial of service.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Resource Exhaustion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-400

Related Identifiers

BDU:2024-06912

CVE-2023-52602

DLA-3840-1

DLA-3842-1

DSA-5658-1

DSA-5681-1

OESA-2024-1344

OESA-2024-1346

OESA-2024-1347

OESA-2024-1348

OESA-2024-1349

OESA-2024-1392

OPENSUSE-SU-2024_1322-1

OPENSUSE-SU-2024_1322-2

OPENSUSE-SU-2024_1332-1

OPENSUSE-SU-2024_1332-2

OPENSUSE-SU-2024_1466-1

OPENSUSE-SU-2024_1480-1

OPENSUSE-SU-2024_1490-1

SUSE-SU-2024:1466-1

SUSE-SU-2024:1480-1

SUSE-SU-2024:1490-1

USN-6688-1

USN-6765-1

USN-6766-1

USN-6766-2

USN-6766-3

USN-6767-1

USN-6767-2

USN-6774-1

USN-6777-1

USN-6777-2

USN-6777-3

USN-6777-4

USN-6778-1

USN-6795-1

USN-6828-1

Affected Products

Astra Linux

Linuxmint

Linux Kernel

Red Os

Suse

Ubuntu

PT-2023-9357 · Linux+5 · Linux Kernel+5

CVE-2023-52602

Weakness Enumeration

Related Identifiers

Affected Products

References · 2559