Описание
In the Linux kernel, the following vulnerability has been resolved:
i2c: dev: copy userspace array safely
i2c-dev.c utilizes memdup_user() to copy a userspace array. This is done without an overflow check.
Use the new wrapper memdup_array_user() to copy the array more safely.
In the Linux kernel, the following vulnerability has been resolved:
i2c: dev: copy userspace array safely
i2c-dev.c utilizes memdup_user() to copy a userspace array. This is done without an overflow check.
Use the new wrapper memdup_array_user() to copy the array more safely.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2023-52758
- https://git.kernel.org/stable/c/38ada2f304f6f2065dd59613ef236a26f4dd73cd
- https://git.kernel.org/stable/c/aff8be2cad74a22525cd89cdff0b72a5c9a4c0c6
- https://git.kernel.org/stable/c/bef76b8544939518dafa3325bcd438b111136437
- https://git.kernel.org/stable/c/cc9c54232f04aef3a5d7f64a0ece7df00f1aaa3d
- https://git.kernel.org/stable/c/fe4eb2157d8c45b127bd88b1376c38c27b741293
CVE ID
Связанные уязвимости
[REJECTED CVE] In the Linux kernel, the following vulnerability has been resolved: i2c: dev: copy userspace array safely i2c-dev.c utilizes memdup_user() to copy a userspace array. This is done without an overflow check. Use the new wrapper memdup_array_user() to copy the array more safely.
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
