Lucene search

K
redhatcveRedhat.comRH:CVE-2023-52790
HistoryMay 23, 2024 - 11:10 a.m.

CVE-2023-52790

2024-05-2311:10:34
redhat.com
access.redhat.com
2
linux kernel
swiotlb
out-of-bounds
tlb allocations
security vulnerability

6.5 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.0%

In the Linux kernel, the following vulnerability has been resolved: swiotlb: fix out-of-bounds TLB allocations with CONFIG_SWIOTLB_DYNAMIC Limit the free list length to the size of the IO TLB. Transient pool can be smaller than IO_TLB_SEGSIZE, but the free list is initialized with the assumption that the total number of slots is a multiple of IO_TLB_SEGSIZE. As a result, swiotlb_area_find_slots() may allocate slots past the end of a transient IO TLB buffer.

6.5 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.0%