CVE-2023-52766

Advisory lineage Upstream: 0 Downstream: 32

Downstream

DEBIAN-CVE-2023-52766 SUSE-SU-2024:2008-1 SUSE-SU-2024:2011-1 SUSE-SU-2024:2019-1 SUSE-SU-2024:2189-1 SUSE-SU-2024:2190-1

Analyzed

Published: 21 May 2024, 15:30

Last modified:11 May 2026, 19:32

Vulnerability Summary

Overall Risk (default)

medium

28/100

CVSS Score

7.1 HIGH

v3.1 (nvd)

EPSS Score

0.03% LOW

0% probability 0.00%

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

21 May 2024, 15:30

Published

Vulnerability first disclosed

11 May 2026, 19:32

Last Modified

Vulnerability information updated

Description

In the Linux kernel, the following vulnerability has been resolved: i3c: mipi-i3c-hci: Fix out of bounds access in hci_dma_irq_handler Do not loop over ring headers in hci_dma_irq_handler() that are not allocated and enabled in hci_dma_init(). Otherwise out of bounds access will occur from rings->headers[i] access when i >= number of allocated ring headers.

CVSS Metrics

v3.1•HIGH•Score: 7.1CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

EPSS Trends

Current EPSS score: 0.03%• Percentile: 9%

Techniques & Countermeasures

CWE-125•Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.

Affected Systems

linux•linux
≥ 3a379bbcea0af6280e1ca0d1edfcf4e68cde6ee0, < d23ad76f240c0f597b7a9eb79905d246f27d40df | ≥ 3a379bbcea0af6280e1ca0d1edfcf4e68cde6ee0, < 8be39f66915b40d26ea2c18ba84b5c3d5da6809b | ≥ 3a379bbcea0af6280e1ca0d1edfcf4e68cde6ee0, < 7c2b91b30d74d7c407118ad72502d4ca28af1af6 | ≥ 3a379bbcea0af6280e1ca0d1edfcf4e68cde6ee0, < 4c86cb2321bd9c72d3b945ce7f747961beda8e65 | ≥ 3a379bbcea0af6280e1ca0d1edfcf4e68cde6ee0, < 45a832f989e520095429589d5b01b0c65da9b574 | 5.0
linux•linux_kernel
< 5.15.140 | ≥ 5.16, < 6.1.64 | ≥ 6.2, < 6.5.13 | ≥ 6.6, < 6.6.3