CVE-2023-52812

HIGH

Linux kernel - Array Index Out-of-Bounds in DRM AMD PCIe Parameter Update

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: drm/amd: check num of link levels when update pcie param In SR-IOV environment, the value of pcie_table->num_of_link_levels will be 0, and num_of_levels - 1 will cause array index out of bounds

References (5)

Core 5

Core References

Mailing List, Third Party Advisory

https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

Patch

https://git.kernel.org/stable/c/2f2d48b6247ae3001f83c98730b3cce475cb2927

Patch

https://git.kernel.org/stable/c/5b4574b663d0a1a0a62d5232429b7db9ae6d0670

Patch

https://git.kernel.org/stable/c/09f617219fe9ccd8d7b65dc3e879b5889f663b5a

Patch

https://git.kernel.org/stable/c/406e8845356d18bdf3d3a23b347faf67706472ec

Scores

CVSS v3 7.8

EPSS 0.0026

EPSS Percentile 17.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-129

Status published

Products (15)

debian/debian_linux 11.0

Linux/Linux < 6.5

Linux/Linux 31c7a3b378a136adc63296a2ff17645896fcf303 - 09f617219fe9ccd8d7b65dc3e879b5889f663b5a

Linux/Linux 31c7a3b378a136adc63296a2ff17645896fcf303 - 406e8845356d18bdf3d3a23b347faf67706472ec

Linux/Linux 31c7a3b378a136adc63296a2ff17645896fcf303 - 5b4574b663d0a1a0a62d5232429b7db9ae6d0670

Linux/Linux 6.1.119 - 6.1.*

Linux/Linux 6.1.40 - 6.1.119

Linux/Linux 6.4.5 - 6.5

Linux/Linux 6.5

Linux/Linux 6.5.13 - 6.5.*

... and 5 more

Published May 21, 2024

Tracked Since Feb 18, 2026