Lucene search
Redhat.comRH:CVE-2023-52764HistoryJun 12, 2024 - 12:28 a.m.
CVE-2023-52764
2024-06-1200:28:24
redhat.com
access.redhat.com
1
linux kernel
vulnerability
gspca
cpia1
shift-out-of-bounds
syzkaller
ubsan
media
usb
exposure gain
conditional expression
invalid range.
In the Linux kernel, the following vulnerability has been resolved: media: gspca: cpia1: shift-out-of-bounds in set_flicker Syzkaller reported the following issue: UBSAN: shift-out-of-bounds in drivers/media/usb/gspca/cpia1.c:1031:27 shift exponent 245 is too large for 32-bit type ‘int’ When the value of the variable “sd->params.exposure.gain” exceeds the number of bits in an integer, a shift-out-of-bounds error is reported. It is triggered because the variable “currentexp” cannot be left-shifted by more than the number of bits in an integer. In order to avoid invalid range during left-shift, the conditional expression is added.
Related
cve
cve
CVE-2023-52764
2024-05-21 16:15:15
nvd
nvd
CVE-2023-52764
2024-05-21 16:15:15
debiancve
debiancve
CVE-2023-52764
2024-05-21 16:15:15
cvelist
cvelist
CVE-2023-52764 media: gspca: cpia1: shift-out-of-bounds in set_flicker
2024-05-21 15:30:49
ubuntucve
ubuntucve
CVE-2023-52764
2024-05-21 00:00:00
nessus
nessus
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:2008-1)
2024-06-13 00:00:00
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:2019-1)
2024-06-14 00:00:00