CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
Low
EPSS
Percentile
5.1%
A flaw was found in hfi1 in the Linux Kernel. This issue is due to data corruption for user SDMA requests that have multiple payload iovecs where an iovec other than the tail iovec does not run up to the page boundary.
bugzilla.redhat.com/show_bug.cgi?id=2266278
git.kernel.org/stable/c/00cbce5cbf88459cd1aa1d60d0f1df15477df127
git.kernel.org/stable/c/7e6010f79b58f45b204cf18aa58f4b73c3f30adc
git.kernel.org/stable/c/9c4c6512d7330b743c4ffd18bd999a86ca26db0d
git.kernel.org/stable/c/a2bd706ab63509793b5cd5065e685b7ef5cba678
git.kernel.org/stable/c/c76cb8f4bdf26d04cfa5485a93ce297dba5e6a80
git.kernel.org/stable/c/dce59b5443700fbd0d2433ec6e4d4cf063448844
nvd.nist.gov/vuln/detail/CVE-2023-52474
www.cve.org/CVERecord?id=CVE-2023-52474