CVE-2023-52818

HIGH

Linux Kernel < 4.14.331 - Improper Array Index Validation

Title source: rule

Description

In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 For pptable structs that use flexible array sizes, use flexible arrays.

References (9)

[Patch] https://git.kernel.org/stable/c/6dffdddfca818c02a42b6caa1d9845995f0a1f94

[Patch] https://git.kernel.org/stable/c/760efbca74a405dc439a013a5efaa9fadc95a8c3

[Patch] https://git.kernel.org/stable/c/8af28ae3acb736ada4ce3457662fa446cc913bb4

[Patch] https://git.kernel.org/stable/c/92a775e7c9707aed28782bafe636bf87675f5a97

[Patch] https://git.kernel.org/stable/c/acdb6830de02cf2873aeaccdf2d9bca4aee50e47

[Patch] https://git.kernel.org/stable/c/c847379a5d00078ad6fcb1c24230e72c5609342f

[Patch] https://git.kernel.org/stable/c/cfd8cd907fd94538561479a43aea455f5cf16928

[Patch] https://git.kernel.org/stable/c/e52e324a21341c97350d5f11de14721c1c609498

[Patch] https://git.kernel.org/stable/c/fc9ac0e8e0bcb3740c6eaad3a1a50c20016d422b

Scores

CVSS v3 7.8

EPSS 0.0001

EPSS Percentile 3.0%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-129

Status published

Products (1)

linux/linux_kernel < 4.14.331

Published May 21, 2024

Tracked Since Feb 18, 2026