Improper Validation of Array Index Affecting perf package, versions *
Threat Intelligence
EPSS
0.04% (15th
percentile)
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-CENTOS7-PERF-7080214
- published 23 May 2024
- disclosed 21 May 2024
How to fix?
There is no fixed version for Centos:7
perf
.
NVD Description
Note: Versions mentioned in the description apply only to the upstream perf
package and not the perf
package as distributed by Centos
.
See How to fix?
for Centos:7
relevant fixed versions and status.
In the Linux kernel, the following vulnerability has been resolved:
drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7
For pptable structs that use flexible array sizes, use flexible arrays.
References
- https://access.redhat.com/security/cve/CVE-2023-52818
- https://git.kernel.org/stable/c/6dffdddfca818c02a42b6caa1d9845995f0a1f94
- https://git.kernel.org/stable/c/760efbca74a405dc439a013a5efaa9fadc95a8c3
- https://git.kernel.org/stable/c/8af28ae3acb736ada4ce3457662fa446cc913bb4
- https://git.kernel.org/stable/c/92a775e7c9707aed28782bafe636bf87675f5a97
- https://git.kernel.org/stable/c/acdb6830de02cf2873aeaccdf2d9bca4aee50e47
- https://git.kernel.org/stable/c/c847379a5d00078ad6fcb1c24230e72c5609342f
- https://git.kernel.org/stable/c/cfd8cd907fd94538561479a43aea455f5cf16928
- https://git.kernel.org/stable/c/e52e324a21341c97350d5f11de14721c1c609498
- https://git.kernel.org/stable/c/fc9ac0e8e0bcb3740c6eaad3a1a50c20016d422b
CVSS Scores
version 3.1