CVE-2023-52807

medium

Description

In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix out-of-bounds access may occur when coalesce info is read via debugfs The hns3 driver define an array of string to show the coalesce info, but if the kernel adds a new mode or a new state, out-of-bounds access may occur when coalesce info is read via debugfs, this patch fix the problem.

References

https://git.kernel.org/stable/c/f79d985c69060047426be68b7e4c1663d5d731b4

https://git.kernel.org/stable/c/be1f703f39efa27b7371b9a4cd983317f1366792

https://git.kernel.org/stable/c/53aba458f23846112c0d44239580ff59bc5c36c3

https://git.kernel.org/stable/c/07f5b8c47152cadbd9102e053dcb60685820aa09

Details

Source: Mitre, NVD

Published: 2024-05-21

Updated: 2024-05-21

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:L/AC:L/Au:M/C:P/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 5.1

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H

Severity: Medium