CVE-2023-2194
CVSS v3.1
6.7 (Medium)
EPSS
0.04 % (5th)
Affected Products
3
Advisories
32
An out-of-bounds write vulnerability was found in the Linux kernel's SLIMpro I2C device driver. The userspace "data->block[0]" variable was not capped to a number between 0-255 and was used as the size of a memcpy, possibly writing beyond the end of dma_buffer. This flaw could allow a local privileged user to crash the system or potentially achieve code execution.
Weaknesses
- CWE-787
- Out-of-bounds Write
- CVE Status
- PUBLISHED
- CNA
- Red Hat, Inc.
- Published Date
-
2023-04-20 21:15:09
(17 months ago) - Updated Date
-
2023-05-03 14:15:34
(16 months ago)
Affected Products
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Configuration #3
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...