CVE-2023-52683 — Linux vulnerability

22 documents7 sources

Severity

5.5MEDIUMNVD

OSV7.5

EPSS

0.0%

top 97.93%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux +1 more

Timeline

PublishedMay 17

Latest updateJun 26

Description

In the Linux kernel, the following vulnerability has been resolved: ACPI: LPIT: Avoid u32 multiplication overflow In lpit_update_residency() there is a possibility of overflow in multiplication, if tsc_khz is large enough (> UINT_MAX/1000). Change multiplication to mul_u32_u32(). Found by Linux Verification Center (linuxtesting.org) with SVACE.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages4 packages

▶NVDlinux/linux_kernel4.15 — 4.19.306+6

▶Debianlinux/linux_kernel< 5.10.209-1+3

▶CVEListV5linux/linuxeeb2d80d502af28e5660ff4bbe00f90ceb82c2db — 647d1d50c31e60ef9ccb9756a8fdf863329f7aee+8

▶debiandebian/linux< linux 6.1.76-1 (bookworm)

Also affects: Debian Linux 10.0

Patches

Patch: git.kernel.org ↗Patch: git.kernel.org ↗Patch: git.kernel.org ↗

🔴Vulnerability Details

OSV

linux-oracle-6.5 vulnerabilities↗2024-06-26

▶

OSV

linux-hwe-6.5 vulnerabilities↗2024-06-18

▶

OSV

linux-nvidia-6.5 vulnerabilities↗2024-06-14

▶

OSV

linux-oem-6.5 vulnerabilities↗2024-06-12

▶

OSV

linux-aws, linux-oracle vulnerabilities↗2024-06-11

▶

📋Vendor Advisories

Ubuntu

Linux kernel (Oracle) vulnerabilities↗2024-06-26

▶

Ubuntu

Linux kernel (HWE) vulnerabilities↗2024-06-18

▶

Ubuntu

Linux kernel (NVIDIA) vulnerabilities↗2024-06-14

▶

Ubuntu

Linux kernel (OEM) vulnerabilities↗2024-06-12

▶

Ubuntu

Linux kernel vulnerabilities↗2024-06-11

▶

💬Community

Bugzilla

CVE-2023-52683 kernel: ACPI: LPIT: Avoid u32 multiplication overflow↗2024-05-18

▶