CVE-2023-52916

Advisory lineage Upstream: 0 Downstream: 12

Downstream

DEBIAN-CVE-2023-52916 DLA-4076-1 SUSE-SU-2024:3551-1 SUSE-SU-2024:3553-1 SUSE-SU-2024:3561-1 SUSE-SU-2024:3564-1

Modified

Published: 06 Sept 2024, 09:07

Last modified:11 May 2026, 19:35

Vulnerability Summary

Overall Risk (default)

medium

31/100

CVSS Score

7.8 HIGH

v3.1 (nvd)

EPSS Score

0.02% LOW

0% probability 0.00%

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

06 Sept 2024, 09:07

Published

Vulnerability first disclosed

11 May 2026, 19:35

Last Modified

Vulnerability information updated

Description

In the Linux kernel, the following vulnerability has been resolved: media: aspeed: Fix memory overwrite if timing is 1600x900 When capturing 1600x900, system could crash when system memory usage is tight. The way to reproduce this issue: 1. Use 1600x900 to display on host 2. Mount ISO through 'Virtual media' on OpenBMC's web 3. Run script as below on host to do sha continuously #!/bin/bash while [ [1] ]; do find /media -type f -printf '"%h/%f"\n' | xargs sha256sum done 4. Open KVM on OpenBMC's web The size of macro block captured is 8x8. Therefore, we should make sure the height of src-buf is 8 aligned to fix this issue.

CVSS Metrics

v3.1•HIGH•Score: 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Trends

Current EPSS score: 0.02%• Percentile: 7%

Techniques & Countermeasures

CWE-787•Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.

Affected Systems

linux•linux
≥ d2b4387f3bdf016e266d23cf657465f557721488, < 4c823e4027dd1d6e88c31028dec13dd19bc7b02d | ≥ d2b4387f3bdf016e266d23cf657465f557721488, < c281355068bc258fd619c5aefd978595bede7bfe | 5.0
linux•linux_kernel
≥ 5.0, < 6.1.120 | ≥ 6.2, < 6.6