Описание
In the Linux kernel, the following vulnerability has been resolved:
drm_lease.c: copy user-array safely
Currently, there is no overflow-check with memdup_user().
Use the new function memdup_array_user() instead of memdup_user() for duplicating the user-space array safely.
In the Linux kernel, the following vulnerability has been resolved:
drm_lease.c: copy user-array safely
Currently, there is no overflow-check with memdup_user().
Use the new function memdup_array_user() instead of memdup_user() for duplicating the user-space array safely.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2023-52820
- https://git.kernel.org/stable/c/0f5f56745188b06f13509e5054231cb7a4cb047d
- https://git.kernel.org/stable/c/301e597e7b81efa307dd0969ff8f2af9d7b9064e
- https://git.kernel.org/stable/c/ea42bc330723644a0bd01d7124a601ab60b27747
- https://git.kernel.org/stable/c/f37d63e219c39199a59b8b8a211412ff27192830
CVE ID
Связанные уязвимости
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
[REJECTED CVE] In the Linux kernel, the following vulnerability has been resolved: drm_lease.c: copy user-array safely Currently, there is no overflow-check with memdup_user(). Use the new function memdup_array_user() instead of memdup_user() for duplicating the user-space array safely.
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.