CVE-2023-52766

HIGH7.1

i3c: mipi-i3c-hci: Fix out of bounds access in hci_dma_irq_handler

Published May 21, 2024

Modified 8 months ago

No fix available

Details

In the Linux kernel, the following vulnerability has been resolved:

i3c: mipi-i3c-hci: Fix out of bounds access in hci_dma_irq_handler

Do not loop over ring headers in hci_dma_irq_handler() that are not allocated and enabled in hci_dma_init(). Otherwise out of bounds access will occur from rings->headers[i] access when i >= number of allocated ring headers.

References

WEBhttps://git.kernel.org/stable/c/45a832f989e520095429589d5b01b0c65da9b574 WEBhttps://git.kernel.org/stable/c/4c86cb2321bd9c72d3b945ce7f747961beda8e65 WEBhttps://git.kernel.org/stable/c/7c2b91b30d74d7c407118ad72502d4ca28af1af6 WEBhttps://git.kernel.org/stable/c/8be39f66915b40d26ea2c18ba84b5c3d5da6809b WEBhttps://git.kernel.org/stable/c/d23ad76f240c0f597b7a9eb79905d246f27d40df ADVISORYhttps://www.cve.org/CVERecord?id=CVE-2023-52766

CVSS Analysis

CVSS v3.1

7.1

Exploitability

Attack Vector

LocalAV:L

Attack Complexity

LowAC:L

Privileges Required

LowPR:L

User Interaction

NoneUI:N

Scope

UnchangedS:U

Impact

Confidentiality

HighC:H

Integrity

NoneI:N

Availability

HighA:H

7.1/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Ecosystems

Timeline

PublishedMay 21, 2024

ModifiedMay 4, 2025