CVE-2023-53778Linux vulnerability

6 documents5 sources
Severity
N/A
No vector
EPSS
0.0%
top 89.68%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 9

Description

In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Clean up integer overflow checking in map_user_pages() The encode_dma() function has some validation on in_trans->size but it would be more clear to move those checks to find_and_map_user_pages(). The encode_dma() had two checks: if (in_trans->addr + in_trans->size addr || !in_trans->size) return -EINVAL; The in_trans->addr variable is the starting address. The in_trans->size variable is the total size of the tr

Affected Packages4 packages

Linuxlinux/linux_kernel6.4.06.4.12
Debianlinux/linux_kernel< 6.4.13-1+1
CVEListV5linux/linux129776ac2e38231fa9c02ce20e116c99de291666d410a96e5cb8c1ec7049c83f2edcd8bbfaf5d9b3+2
debiandebian/linux< linux 6.4.13-1 (forky)

🔴Vulnerability Details

3
GHSA
GHSA-xj22-vpw4-jv3x: In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Clean up integer overflow checking in map_user_pages() The encode_dm2025-12-09
OSV
accel/qaic: Clean up integer overflow checking in map_user_pages()2025-12-09
OSV
CVE-2023-53778: In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Clean up integer overflow checking in map_user_pages() The encode_dma(2025-12-09

📋Vendor Advisories

2
Red Hat
kernel: accel/qaic: Clean up integer overflow checking in map_user_pages()2025-12-09
Debian
CVE-2023-53778: linux - In the Linux kernel, the following vulnerability has been resolved: accel/qaic:...2023