CVE-2023-54034

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A missing zero initialization exists in the iommufd component of the Linux kernel. Specifically, the vfio iommu type1 info structure is not fully initialized to zero before data is copied from user space. The copy from user() function does not fill the entire structure, leaving 8 bytes of padding uninitialized.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2023-54034

RHSA-2023:6583

Affected Products

Linux Kernel

CVE-2023-54034

Related Identifiers

Affected Products

References · 13