DEBIAN-CVE-2023-52916

Advisory lineage Upstream: 1 Downstream: 1

Upstream

CVE-2023-52916

Downstream

DLA-4076-1

Published: 06 Sept 2024, 09:15

Last modified:28 Apr 2026, 20:26

Vulnerability Summary

Overall Risk (default)

medium

31/100

CVSS Score

7.8 HIGH

3.1 (osv_debian)

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

06 Sept 2024, 09:15

Published

Vulnerability first disclosed

28 Apr 2026, 20:26

Last Modified

Vulnerability information updated

Description

In the Linux kernel, the following vulnerability has been resolved: media: aspeed: Fix memory overwrite if timing is 1600x900 When capturing 1600x900, system could crash when system memory usage is tight. The way to reproduce this issue: 1. Use 1600x900 to display on host 2. Mount ISO through 'Virtual media' on OpenBMC's web 3. Run script as below on host to do sha continuously #!/bin/bash while [ [1] ]; do find /media -type f -printf '"%h/%f"\n' | xargs sha256sum done 4. Open KVM on OpenBMC's web The size of macro block captured is 8x8. Therefore, we should make sure the height of src-buf is 8 aligned to fix this issue.

CVSS Metrics

v3.1•HIGH•Score: 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Systems

debian•linux
all | < 6.1.123-1 | < 6.6.8-1 | < 6.6.8-1
debian•linux-6.1
< 6.1.128-1~deb11u1

References (1)

https://security-tracker.debian.org/tracker/CVE-2023-52916