CVE-2023-52867 Affecting kernel-64kb-devel package, versions <6.4.0-150600.23.14.1
Threat Intelligence
EPSS
0.04% (14th
percentile)
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-SLES156-KERNEL64KBDEVEL-7550975
- published 23 Jul 2024
- disclosed 22 Jul 2024
Introduced: 22 Jul 2024
CVE-2023-52867 Open this link in a new tabHow to fix?
Upgrade SLES:15.6 kernel-64kb-devel to version 6.4.0-150600.23.14.1 or higher.
NVD Description
Note: Versions mentioned in the description apply only to the upstream kernel-64kb-devel package and not the kernel-64kb-devel package as distributed by SLES.
See How to fix? for SLES:15.6 relevant fixed versions and status.
In the Linux kernel, the following vulnerability has been resolved:
drm/radeon: possible buffer overflow
Buffer 'afmt_status' of size 6 could overflow, since index 'afmt_idx' is checked after access.
References
- https://www.suse.com/security/cve/CVE-2023-52867.html
- https://bugzilla.suse.com/1225009
- https://git.kernel.org/stable/c/112d4b02d94bf9fa4f1d3376587878400dd74783
- https://git.kernel.org/stable/c/19534a7a225f1bf2da70a9a90d41d0215f8f6b45
- https://git.kernel.org/stable/c/341e79f8aec6af6b0061b8171d77b085835c6a58
- https://git.kernel.org/stable/c/347f025a02b3a5d715a0b471fc3b1439c338ad94
- https://git.kernel.org/stable/c/7b063c93bece827fde237fae1c101bceeee4e896
- https://git.kernel.org/stable/c/caaa74541459c4c9e2c10046cf66ad2890483d0f
- https://git.kernel.org/stable/c/d9b4fa249deaae1145d6fc2b64dae718e5c7a855
- https://git.kernel.org/stable/c/dd05484f99d16715a88eedfca363828ef9a4c2d4
- https://git.kernel.org/stable/c/ddc42881f170f1f518496f5a70447501335fc783
CVSS Scores
version 3.1