Описание
In the Linux kernel, the following vulnerability has been resolved:
drm: vmwgfx_surface.c: copy user-array safely
Currently, there is no overflow-check with memdup_user().
Use the new function memdup_array_user() instead of memdup_user() for duplicating the user-space array safely.
In the Linux kernel, the following vulnerability has been resolved:
drm: vmwgfx_surface.c: copy user-array safely
Currently, there is no overflow-check with memdup_user().
Use the new function memdup_array_user() instead of memdup_user() for duplicating the user-space array safely.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2023-52822
- https://git.kernel.org/stable/c/06ab64a0d836ac430c5f94669710a78aa43942cb
- https://git.kernel.org/stable/c/1eacb4c96e73225a2f6f276bade006abbe4d8341
- https://git.kernel.org/stable/c/21e29f1437b7c36c76efa908589578eaf0f50900
- https://git.kernel.org/stable/c/412ce89669341dfd8ed98a4746ad3dbe9653a7b8
- https://git.kernel.org/stable/c/689b33b94f096e717cd8f140a8b5502e7e4fe759
CVE ID
Связанные уязвимости
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
[REJECTED CVE] In the Linux kernel, the following vulnerability has been resolved: drm: vmwgfx_surface.c: copy user-array safely The Linux kernel CVE team has assigned CVE-2023-52822 to this issue.
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.