CVE-2023-52680 Affecting perf package, versions *
Threat Intelligence
EPSS
0.05% (17th
percentile)
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-RHEL8-PERF-6900070
- published 18 May 2024
- disclosed 17 May 2024
Introduced: 17 May 2024
CVE-2023-52680 Open this link in a new tabHow to fix?
There is no fixed version for RHEL:8
perf
.
NVD Description
Note: Versions mentioned in the description apply only to the upstream perf
package and not the perf
package as distributed by RHEL
.
See How to fix?
for RHEL:8
relevant fixed versions and status.
In the Linux kernel, the following vulnerability has been resolved:
ALSA: scarlett2: Add missing error checks to *_ctl_get()
The ctl_get() functions which call scarlett2_update() were not checking the return value. Fix to check the return value and pass to the caller.
References
- https://access.redhat.com/security/cve/CVE-2023-52680
- https://git.kernel.org/stable/c/3a09488f4f67f7ade59b8ac62a6c7fb29439cf51
- https://git.kernel.org/stable/c/50603a67daef161c78c814580d57f7f0be57167e
- https://git.kernel.org/stable/c/773e38f73461ef2134a0d33a08f1668edde9b7c3
- https://git.kernel.org/stable/c/821fbaeaaae23d483d3df799fe91ec8045973ec3
- https://git.kernel.org/stable/c/cda7762bea857e6951315a2f7d0632ea1850ed43
CVSS Scores
version 3.1