CVE-2024-57983
HIGHLinux Kernel 6.13-6.13.2 - Out-of-bounds Write in Mailbox th1520 Suspend/Resume
Title source: llmDescription
In the Linux kernel, the following vulnerability has been resolved: mailbox: th1520: Fix memory corruption due to incorrect array size The functions th1520_mbox_suspend_noirq and th1520_mbox_resume_noirq are intended to save and restore the interrupt mask registers in the MBOX ICU0. However, the array used to store these registers was incorrectly sized, leading to memory corruption when accessing all four registers. This commit corrects the array size to accommodate all four interrupt mask registers, preventing memory corruption during suspend and resume operations.
References (2)
Core 2
Core References
Mailing List, Patch
https://git.kernel.org/stable/c/2cd12c7fba59f30369e8647a2b726c7280903304
Mailing List, Patch
https://git.kernel.org/stable/c/db049866943a38bf46a34fa120d526663339d7a5
Scores
CVSS v3
7.8
EPSS
0.0020
EPSS Percentile
10.4%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-787
Status
published
Products (8)
linux/Kernel
6.13.0 - 6.13.2linux
Linux/Linux
< 6.13
Linux/Linux
5d4d263e1c6b6b18acb4d67fd3b9af71b7404924 - 2cd12c7fba59f30369e8647a2b726c7280903304
Linux/Linux
5d4d263e1c6b6b18acb4d67fd3b9af71b7404924 - db049866943a38bf46a34fa120d526663339d7a5
Linux/Linux
6.13
Linux/Linux
6.13.2 - 6.13.*
Linux/Linux
6.14
linux/linux_kernel
6.13 - 6.13.2
Published
Feb 27, 2025
Tracked Since
Feb 18, 2026