Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Avoid reading beyond LUT array When the floor LUT index (drm_fixp2int(lut_index) is the last index of the array the ceil LUT index will point to an entry beyond the array. Make sure we guard against it and use the value of the floor LUT index. v3: - Drop bits from commit description that didn't contribute anything of value
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 6.6, < 6.6.23 |
Related Weaknesses (CWE)
References
- https://git.kernel.org/stable/c/046c1184ce60b0a37d48134f17ddbc1f32ce02bdPatch
- https://git.kernel.org/stable/c/2fee84030d12d9fddfa874e4562d71761a129277Patch
- https://git.kernel.org/stable/c/92800aaeff51b8358d1e0a7eb74daf8aa2d7ce9dPatch
- https://git.kernel.org/stable/c/9556c167673057d48ce4a0da675026fe046654c1Patch
- https://git.kernel.org/stable/c/046c1184ce60b0a37d48134f17ddbc1f32ce02bdPatch
- https://git.kernel.org/stable/c/2fee84030d12d9fddfa874e4562d71761a129277Patch
- https://git.kernel.org/stable/c/92800aaeff51b8358d1e0a7eb74daf8aa2d7ce9dPatch
- https://git.kernel.org/stable/c/9556c167673057d48ce4a0da675026fe046654c1Patch
FAQ
What is CVE-2023-52649?
CVE-2023-52649 is a vulnerability with a CVSS score of 7.8 (HIGH). In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Avoid reading beyond LUT array When the floor LUT index (drm_fixp2int(lut_index) is the last index of the array the ceil...
How severe is CVE-2023-52649?
CVE-2023-52649 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-52649?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.