CVE-2023-52512

MEDIUM

Linux Kernel 5.18-6.1.58 6.5.8-6.5.* 6.6 - Out-of-bounds Write in pinctrl nuvoton wpcm450 GPIO Bank

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: pinctrl: nuvoton: wpcm450: fix out of bounds write Write into 'pctrl->gpio_bank' happens before the check for GPIO index validity, so out of bounds write may happen. Found by Linux Verification Center (linuxtesting.org) with SVACE.

References (3)

Core 3

Core References

Patch

https://git.kernel.org/stable/c/6c18c386fd13dbb3ff31a1086dabb526780d9bda

Patch

https://git.kernel.org/stable/c/c9d7cac0fd27c74dd368e80dc4b5d0f9f2e13cf8

Patch

https://git.kernel.org/stable/c/87d315a34133edcb29c4cadbf196ec6c30dfd47b

Scores

CVSS v3 5.5

EPSS 0.0022

EPSS Percentile 12.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-787

Status published

Products (10)

Linux/Linux < 5.18

Linux/Linux 5.18

Linux/Linux 6.1.59 - 6.1.*

Linux/Linux 6.5.8 - 6.5.*

Linux/Linux 6.6

Linux/Linux a1d1e0e3d80a870cc37a6c064994b89e963d2b58 - 6c18c386fd13dbb3ff31a1086dabb526780d9bda

Linux/Linux a1d1e0e3d80a870cc37a6c064994b89e963d2b58 - 87d315a34133edcb29c4cadbf196ec6c30dfd47b

Linux/Linux a1d1e0e3d80a870cc37a6c064994b89e963d2b58 - c9d7cac0fd27c74dd368e80dc4b5d0f9f2e13cf8

linux/linux_kernel 6.6 rc1 (5 CPE variants)

linux/linux_kernel 5.18 - 6.1.59

Published Mar 02, 2024

Tracked Since Feb 18, 2026