Vulnerability Details : CVE-2023-52495
In the Linux kernel, the following vulnerability has been resolved:
soc: qcom: pmic_glink_altmode: fix port sanity check
The PMIC GLINK altmode driver currently supports at most two ports.
Fix the incomplete port sanity check on notifications to avoid
accessing and corrupting memory beyond the port array if we ever get a
notification for an unsupported port.
Products affected by CVE-2023-52495
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-52495
0.02%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 3 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2023-52495
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
7.8
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST | 2025-02-14 |
CWE ids for CVE-2023-52495
-
The product writes data past the end, or before the beginning, of the intended buffer.Assigned by: nvd@nist.gov (Primary)
References for CVE-2023-52495
-
https://git.kernel.org/stable/c/d26edf4ee3672cc9828f2a3ffae34086a712574d
soc: qcom: pmic_glink_altmode: fix port sanity check - kernel/git/stable/linux.git - Linux kernel stable treeMailing List;Patch
-
https://git.kernel.org/stable/c/532a5557da6892a6b2d5793052e1bce1f4c9e177
soc: qcom: pmic_glink_altmode: fix port sanity check - kernel/git/stable/linux.git - Linux kernel stable treeMailing List;Patch
-
https://git.kernel.org/stable/c/c4fb7d2eac9ff9bfc35a2e4d40c7169a332416e0
soc: qcom: pmic_glink_altmode: fix port sanity check - kernel/git/stable/linux.git - Linux kernel stable treeMailing List;Patch
Jump to