Lucene search

K

GoogleOSV:CVE-2023-52762

HistoryMay 21, 2024 - 4:15 p.m.

CVE-2023-52762

2024-05-2116:15:00

Google

osv.dev

1

linux kernel

virtio-blk

vulnerability

fix

overflow

implicit conversion

software

security

AI Score

6.9

Confidence

Low

In the Linux kernel, the following vulnerability has been resolved: virtio-blk: fix implicit overflow on virtio_max_dma_size The following codes have an implicit conversion from size_t to u32: (u32)max_size = (size_t)virtio_max_dma_size(vdev); This may lead overflow, Ex (size_t)4G -> (u32)0. Once virtio_max_dma_size() has a larger size than U32_MAX, use U32_MAX instead.

References

git.kernel.org/linus/fafb51a67fb883eb2dde352539df939a251851be

git.kernel.org/stable/c/017278f141141367f7d14b203e930b45b6ffffb9

git.kernel.org/stable/c/472bd4787406bef2e8b41ee4c74d960a06a49a48

git.kernel.org/stable/c/72775cad7f572bb2501f9ea609e1d20e68f0b38b

git.kernel.org/stable/c/d667fe301dcbcb12d1d6494fc4b8abee2cb75d90

git.kernel.org/stable/c/fafb51a67fb883eb2dde352539df939a251851be

ubuntu.com/security/CVE-2023-52762

www.cve.org/CVERecord?id=CVE-2023-52762

AI Score

6.9

Confidence

Low

Related for OSV:CVE-2023-52762

cvelist1 vulnrichment1 cve1 nvd1 redhatcve1 debiancve1 ubuntucve1 nessus25 almalinux1 osv16 rocky3 openvas8 redhat6 oraclelinux1