CVE-2023-52612

Published: Mar 18, 2024Modified: Jun 17, 2026

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: crypto: scomp - fix req->dst buffer overflow The req->dst buffer size should be checked before copying from the scomp_scratch->dst to avoid req->dst buffer overflow problem.

Affected (8)

Products: Linux: Linux Kernel · Debian: Debian Linux

1 product

1 product

Configuration A

7 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 4.10 to 4.19.306
Linux Linux Kernel	From 4.20 to 5.4.268
Linux Linux Kernel	From 5.11 to 5.15.148
Linux Linux Kernel	From 5.16 to 6.1.75
Linux Linux Kernel	From 5.5 to 5.10.209
Linux Linux Kernel	From 6.2 to 6.6.14
Linux Linux Kernel	From 6.7 to 6.7.2

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 10.0

Related CWEs

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

References (18)

https://git.kernel.org/stable/c/1142d65c5b881590962ad763f94505b6dd67d2fe

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/4518dc468cdd796757190515a9be7408adc8911e

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/4df0c942d04a67df174195ad8082f6e30e7f71a5

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/71c6670f9f032ec67d8f4e3f8db4646bf5a62883

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/744e1885922a9943458954cfea917b31064b4131

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/7d9e5bed036a7f9e2062a137e97e3c1e77fb8759

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/a5f2f91b3fd7387e5102060809316a0f8f0bc625

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/e0e3f4a18784182cfe34e20c00eca11e78d53e76

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/1142d65c5b881590962ad763f94505b6dd67d2fe

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/4518dc468cdd796757190515a9be7408adc8911e

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/4df0c942d04a67df174195ad8082f6e30e7f71a5

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/71c6670f9f032ec67d8f4e3f8db4646bf5a62883

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/744e1885922a9943458954cfea917b31064b4131

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/7d9e5bed036a7f9e2062a137e97e3c1e77fb8759

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/a5f2f91b3fd7387e5102060809316a0f8f0bc625

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/e0e3f4a18784182cfe34e20c00eca11e78d53e76

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing List

https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing List

Timeline

No history available yet.