PT-2023-9737 · Linux+3 · Linux Kernel+3

Published

2023-09-26

Updated

2025-02-03

CVE-2023-52871

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to the qcom llcc probe() function in the Linux kernel's llcc component, which can cause a buffer overflow in memory. This can lead to a denial of service. The problem occurs when a second llcc device is present, and even a failed probe call can modify the global drv data pointer. To prevent data corruption, it is necessary to check if drv data is valid before overwriting it.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

BDU:2024-10398

CVE-2023-52871

OESA-2024-1693

OESA-2024-1694

OESA-2024-1705

OPENSUSE-SU-2024_2185-1

OPENSUSE-SU-2024_2189-1

SUSE-SU-2024:2008-1

SUSE-SU-2024:2010-1

SUSE-SU-2024:2011-1

SUSE-SU-2024:2019-1

SUSE-SU-2024:2183-1

SUSE-SU-2024:2185-1

SUSE-SU-2024:2189-1

SUSE-SU-2024:2190-1

SUSE-SU-2024:2571-1

SUSE-SU-2024:2896-1

SUSE-SU-2024:2973-1

SUSE-SU-2025:20008-1

SUSE-SU-2025:20028-1

Affected Products

Astra Linux

Linux Kernel

Red Os

Suse

PT-2023-9737 · Linux+3 · Linux Kernel+3

CVE-2023-52871

Weakness Enumeration

Related Identifiers

Affected Products

References · 2853