CVE-2023-52819

MEDIUM

Linux Kernel < 4.14.331 - Improper Array Index Validation

Title source: rule

Description

In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga For pptable structs that use flexible array sizes, use flexible arrays.

References (9)

[Patch] https://git.kernel.org/stable/c/0f0e59075b5c22f1e871fbd508d6e4f495048356

[Patch] https://git.kernel.org/stable/c/60a00dfc7c5deafd1dd393beaf53224f7256dad6

[Patch] https://git.kernel.org/stable/c/7c68283f3166221af3df5791f0e13d3137a72216

[Patch] https://git.kernel.org/stable/c/8c1dbddbfcb051e82cea0c197c620f9dcdc38e92

[Patch] https://git.kernel.org/stable/c/a237675aa1e62bbfaa341c535331c8656a508fa1

[Patch] https://git.kernel.org/stable/c/a63fd579e7b1c3a9ebd6e6c494d49b1b6cf5515e

[Patch] https://git.kernel.org/stable/c/b3b8b7c040cf069da7afe11c5bd73b870b8f3d18

[Patch] https://git.kernel.org/stable/c/d0725232da777840703f5f1e22f2e3081d712aa4

[Patch] https://git.kernel.org/stable/c/d50a56749e5afdc63491b88f5153c1aae00d4679

Scores

CVSS v3 6.6

EPSS 0.0002

EPSS Percentile 4.0%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-129

Status published

Products (1)

linux/linux_kernel < 4.14.331

Published May 21, 2024

Tracked Since Feb 18, 2026