CVE-2023-52507
Severity CVSS v4.0:
Pending analysis
Type:
CWE-125
Out-of-bounds Read
Publication date:
02/03/2024
Last modified:
13/01/2025
Description
In the Linux kernel, the following vulnerability has been resolved: nfc: nci: assert requested protocol is valid The protocol is used in a bit mask to determine if the protocol is supported. Assert the provided protocol is less than the maximum defined so it doesn't potentially perform a shift-out-of-bounds and provide a clearer error for undefined protocols vs unsupported ones.
Impact
Base Score 3.x
7.10
Severity 3.x
HIGH
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 3.2 (including) | 4.14.328 (excluding) |
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.15 (including) | 4.19.297 (excluding) |
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.20 (including) | 5.4.259 (excluding) |
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.5 (including) | 5.10.199 (excluding) |
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.11 (including) | 5.15.136 (excluding) |
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.16 (including) | 6.1.59 (excluding) |
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.2 (including) | 6.5.8 (excluding) |
cpe:2.3:o:linux:linux_kernel:6.6:rc1:*:*:*:*:*:* | ||
cpe:2.3:o:linux:linux_kernel:6.6:rc2:*:*:*:*:*:* | ||
cpe:2.3:o:linux:linux_kernel:6.6:rc3:*:*:*:*:*:* | ||
cpe:2.3:o:linux:linux_kernel:6.6:rc4:*:*:*:*:*:* | ||
cpe:2.3:o:linux:linux_kernel:6.6:rc5:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/25dd54b95abfdca423b65a4ee620a774777d8213
- https://git.kernel.org/stable/c/2c231a247a1d1628e41fa1eefd1a5307c41c5f53
- https://git.kernel.org/stable/c/354a6e707e29cb0c007176ee5b8db8be7bd2dee0
- https://git.kernel.org/stable/c/6584eba7688dcf999542778b07f63828c21521da
- https://git.kernel.org/stable/c/853dda54ba59ea70d5580a298b7ede4707826848
- https://git.kernel.org/stable/c/95733ea130e35ef9ec5949a5908dde3feaba92cb
- https://git.kernel.org/stable/c/a424807d860ba816aaafc3064b46b456361c0802
- https://git.kernel.org/stable/c/a686f84101680b8442181a8846fbd3c934653729
- https://git.kernel.org/stable/c/25dd54b95abfdca423b65a4ee620a774777d8213
- https://git.kernel.org/stable/c/2c231a247a1d1628e41fa1eefd1a5307c41c5f53
- https://git.kernel.org/stable/c/354a6e707e29cb0c007176ee5b8db8be7bd2dee0
- https://git.kernel.org/stable/c/6584eba7688dcf999542778b07f63828c21521da
- https://git.kernel.org/stable/c/853dda54ba59ea70d5580a298b7ede4707826848
- https://git.kernel.org/stable/c/95733ea130e35ef9ec5949a5908dde3feaba92cb
- https://git.kernel.org/stable/c/a424807d860ba816aaafc3064b46b456361c0802
- https://git.kernel.org/stable/c/a686f84101680b8442181a8846fbd3c934653729