PT-2025-43104 · Linux+2 · Linux Kernel+2

Published: 2023-07-10 · Updated: 2025-11-28 · CVE-2023-53703

CVSS v2.0: 6.0 (Medium)

Vector: AV:L/AC:H/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

The Linux kernel contains an issue within the AMD System Firmware Handler (SFH) HID driver. A shift operation involving the `exp` and `shift` variables can exceed the maximum allowable shift value for a u32 type, leading to a UBSAN (Undefined Behavior Sanitizer) shift-out-of-bounds error. This occurs in the `amd_sfh_desc.c` file at line 149. The issue is triggered during the processing of input reports, specifically within the `get_input_rep()` function and the `amd_sfh_work_buffer()` workqueue. The error manifests as a shift exponent exceeding the maximum permissible value for a 64-bit unsigned integer.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Out of bounds Read

Weakness Enumeration

Related Identifiers

BDU:2026-03790
CVE-2023-53703
SUSE-SU-2025:21040-1
SUSE-SU-2025:21052-1
SUSE-SU-2025:21056-1
SUSE-SU-2025:21064-1
SUSE-SU-2025:4057-1
SUSE-SU-2025:4128-1
SUSE-SU-2025:4132-1
SUSE-SU-2025:4140-1
SUSE-SU-2025:4141-1
SUSE-SU-2025:4301-1

Affected Products

AMD System Firmware Handler (SFH) HID Driver
Linux Kernel
SUSE