Integer Overflow or Wraparound Affecting kernel-rt-debug-modules-extra package, versions <0:4.18.0-553.16.1.rt7.357.el8_10


Severity

Recommended
high

Based on CentOS security rating.

Threat Intelligence

EPSS
0.04% (15th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
  • Snyk IDSNYK-CENTOS8-KERNELRTDEBUGMODULESEXTRA-7044114
  • published23 May 2024
  • disclosed21 May 2024

Introduced: 21 May 2024

CVE-2023-52832  (opens in a new tab)
CWE-190  (opens in a new tab)

How to fix?

Upgrade Centos:8 kernel-rt-debug-modules-extra to version 0:4.18.0-553.16.1.rt7.357.el8_10 or higher.

NVD Description

Note: Versions mentioned in the description apply only to the upstream kernel-rt-debug-modules-extra package and not the kernel-rt-debug-modules-extra package as distributed by Centos. See How to fix? for Centos:8 relevant fixed versions and status.

In the Linux kernel, the following vulnerability has been resolved:

wifi: mac80211: don't return unset power in ieee80211_get_tx_power()

We can get a UBSAN warning if ieee80211_get_tx_power() returns the INT_MIN value mac80211 internally uses for "unset power level".

UBSAN: signed-integer-overflow in net/wireless/nl80211.c:3816:5 -2147483648 * 100 cannot be represented in type 'int' CPU: 0 PID: 20433 Comm: insmod Tainted: G WC OE Call Trace: dump_stack+0x74/0x92 ubsan_epilogue+0x9/0x50 handle_overflow+0x8d/0xd0 __ubsan_handle_mul_overflow+0xe/0x10 nl80211_send_iface+0x688/0x6b0 [cfg80211] [...] cfg80211_register_wdev+0x78/0xb0 [cfg80211] cfg80211_netdev_notifier_call+0x200/0x620 [cfg80211] [...] ieee80211_if_add+0x60e/0x8f0 [mac80211] ieee80211_register_hw+0xda5/0x1170 [mac80211]

In this case, simply return an error instead, to indicate that no data is available.

CVSS Scores

version 3.1