CVE-2023-52683

Advisory lineage Upstream: 0 Downstream: 27

Downstream

DEBIAN-CVE-2023-52683 DLA-3840-1 DLA-3841-1 RHSA-2024:7000 RHSA-2024:7001 RHSA-2024:9315

Analyzed

Published: 17 May 2024, 14:24

Last modified:11 May 2026, 19:31

Vulnerability Summary

Overall Risk (default)

low

22/100

CVSS Score

5.5 MEDIUM

v3.1 (nvd)

EPSS Score

0.01% LOW

0% probability 0.00%

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

17 May 2024, 14:24

Published

Vulnerability first disclosed

11 May 2026, 19:31

Last Modified

Vulnerability information updated

Description

In the Linux kernel, the following vulnerability has been resolved: ACPI: LPIT: Avoid u32 multiplication overflow In lpit_update_residency() there is a possibility of overflow in multiplication, if tsc_khz is large enough (> UINT_MAX/1000). Change multiplication to mul_u32_u32(). Found by Linux Verification Center (linuxtesting.org) with SVACE.

CVSS Metrics

v3.1•MEDIUM•Score: 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS Trends

Current EPSS score: 0.01%• Percentile: 2%

Affected Systems

debian•debian_linux
10.0
linux•linux
≥ eeb2d80d502af28e5660ff4bbe00f90ceb82c2db, < 647d1d50c31e60ef9ccb9756a8fdf863329f7aee | ≥ eeb2d80d502af28e5660ff4bbe00f90ceb82c2db, < 6c38e791bde07d6ca2a0a619ff9b6837e0d5f9ad | ≥ eeb2d80d502af28e5660ff4bbe00f90ceb82c2db, < f39c3d578c7d09a18ceaf56750fc7f20b02ada63 | ≥ eeb2d80d502af28e5660ff4bbe00f90ceb82c2db, < c1814a4ffd016ce5392c6767d22ef3aa2f0d4bd1 | ≥ eeb2d80d502af28e5660ff4bbe00f90ceb82c2db, < 72222dfd76a79d9666ab3117fcdd44ca8cd0c4de | ≥ eeb2d80d502af28e5660ff4bbe00f90ceb82c2db, < d1ac288b2742aa4af746c5613bac71760fadd1c4 | ≥ eeb2d80d502af28e5660ff4bbe00f90ceb82c2db, < b7aab9d906e2e252a7783f872406033ec49b6dae | ≥ eeb2d80d502af28e5660ff4bbe00f90ceb82c2db, < 56d2eeda87995245300836ee4dbd13b002311782 | 4.15
linux•linux_kernel
≥ 4.15, < 4.19.306 | ≥ 4.20, < 5.4.268 | ≥ 5.5, < 5.10.209 | ≥ 5.11, < 5.15.148 | ≥ 5.16, < 6.1.75 | ≥ 6.2, < 6.6.14 | ≥ 6.7, < 6.7.2