CVE-2023-52878

medium

Description

In the Linux kernel, the following vulnerability has been resolved: can: dev: can_put_echo_skb(): don't crash kernel if can_priv::echo_skb is accessed out of bounds If the "struct can_priv::echoo_skb" is accessed out of bounds, this would cause a kernel crash. Instead, issue a meaningful warning message and return with an error.

References

https://git.kernel.org/stable/c/8ab67da060157362b2e0926692c659808784708f

https://git.kernel.org/stable/c/826120c9ba68f2d0dbae58e99013929c883d1444

https://git.kernel.org/stable/c/6411959c10fe917288cbb1038886999148560057

https://git.kernel.org/stable/c/53c468008a7c9ca3f5fc985951f35ec2acae85bc

https://git.kernel.org/stable/c/0d30931f1fa0fb893fb7d5dc32b6b7edfb775be4

Details

Source: Mitre, NVD

Published: 2024-05-21

Updated: 2024-05-21

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 4.4

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Severity: Medium