In the Linux kernel, the following vulnerability has been resolved: soc:
qcom: pmic_glink_altmode: fix port sanity check The PMIC GLINK altmode
driver currently supports at most two ports. Fix the incomplete port sanity
check on notifications to avoid accessing and corrupting memory beyond the
port array if we ever get a notification for an unsupported port.
Author | Note |
---|---|
rodrigo-zaiden | USN-6765-1 for linux-oem-6.5 wrongly stated that this CVE was fixed in version 6.5.0-1022.23. The mentioned notice was revoked and the state of the fix for linux-oem-6.5 was recovered to the previous state. |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 23.10 | noarch | linux | < 6.5.0-41.41 | UNKNOWN |
ubuntu | 23.10 | noarch | linux-aws | < 6.5.0-1021.21 | UNKNOWN |
ubuntu | 22.04 | noarch | linux-aws-6.5 | < any | UNKNOWN |
ubuntu | 23.10 | noarch | linux-azure | < 6.5.0-1022.23 | UNKNOWN |
ubuntu | 22.04 | noarch | linux-azure-6.5 | < 6.5.0-1022.23~22.04.1 | UNKNOWN |
ubuntu | 23.10 | noarch | linux-gcp | < 6.5.0-1022.24 | UNKNOWN |
ubuntu | 22.04 | noarch | linux-gcp-6.5 | < 6.5.0-1022.24~22.04.1 | UNKNOWN |
ubuntu | 22.04 | noarch | linux-hwe-6.5 | < 6.5.0-41.41~22.04.2 | UNKNOWN |
ubuntu | 23.10 | noarch | linux-laptop | < 6.5.0-1017.20 | UNKNOWN |
ubuntu | 23.10 | noarch | linux-lowlatency | < 6.5.0-41.41.1 | UNKNOWN |
git.kernel.org/linus/c4fb7d2eac9ff9bfc35a2e4d40c7169a332416e0 (6.8-rc1)
git.kernel.org/stable/c/532a5557da6892a6b2d5793052e1bce1f4c9e177
git.kernel.org/stable/c/c4fb7d2eac9ff9bfc35a2e4d40c7169a332416e0
git.kernel.org/stable/c/d26edf4ee3672cc9828f2a3ffae34086a712574d
launchpad.net/bugs/cve/CVE-2023-52495
nvd.nist.gov/vuln/detail/CVE-2023-52495
security-tracker.debian.org/tracker/CVE-2023-52495
ubuntu.com/security/notices/USN-6818-1
ubuntu.com/security/notices/USN-6818-2
ubuntu.com/security/notices/USN-6818-3
ubuntu.com/security/notices/USN-6818-4
ubuntu.com/security/notices/USN-6819-1
ubuntu.com/security/notices/USN-6819-2
ubuntu.com/security/notices/USN-6819-3
ubuntu.com/security/notices/USN-6819-4
www.cve.org/CVERecord?id=CVE-2023-52495