admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2023/CVE-2023-526xx/CVE-2023-52616.json
cad-safe-bot 7ab230f046 Auto-Update: 2025-03-16T03:00:19.723046+00:00
2025-03-16 03:03:50 +00:00

221 lines
7.0 KiB
JSON
Raw Blame History

{
"id": "CVE-2023-52616",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-18T11:15:08.967",
"lastModified": "2025-03-10T15:50:52.807",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: lib/mpi - Fix unexpected pointer access in mpi_ec_init\n\nWhen the mpi_ec_ctx structure is initialized, some fields are not\ncleared, causing a crash when referencing the field when the\nstructure was released. Initially, this issue was ignored because\nmemory for mpi_ec_ctx is allocated with the __GFP_ZERO flag.\nFor example, this error will be triggered when calculating the\nZa value for SM2 separately."
},
{
"lang": "es",
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: crypto: lib/mpi: corrige el acceso inesperado al puntero en mpi_ec_init Cuando se inicializa la estructura mpi_ec_ctx, algunos campos no se borran, lo que provoca un bloqueo al hacer referencia al campo cuando se lanz\u00f3 la estructura. Inicialmente, este problema se ignor\u00f3 porque la memoria para mpi_ec_ctx se asigna con el indicador __GFP_ZERO. Por ejemplo, este error se activar\u00e1 al calcular el valor Za para SM2 por separado."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.10",
"versionEndExcluding": "5.10.210",
"matchCriteriaId": "2D2F0709-60B3-49A5-80BB-D9815B21843F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.149",
"matchCriteriaId": "0D0465BB-4053-4E15-9137-6696EBAE90FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.79",
"matchCriteriaId": "656E2F29-1779-4EFC-AA64-8F984E2885B1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.15",
"matchCriteriaId": "87C718CB-AE3D-4B07-B4D9-BFF64183C468"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.7.3",
"matchCriteriaId": "58FD5308-148A-40D3-B36A-0CA6B434A8BF"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/0c3687822259a7628c85cd21a3445cbe3c367165",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Mailing List",
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/2bb86817b33c9d704e127f92b838035a72c315b6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Mailing List",
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7abdfd45a650c714d5ebab564bb1b988f14d9b49",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Mailing List",
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7ebf812b7019fd2d4d5a7ca45ef4bf3a6f4bda0a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Mailing List",
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ba3c5574203034781ac4231acf117da917efcd2a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Mailing List",
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/bb44477d4506e52785693a39f03cdc6a2c5e8598",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Mailing List",
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/0c3687822259a7628c85cd21a3445cbe3c367165",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/2bb86817b33c9d704e127f92b838035a72c315b6",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7abdfd45a650c714d5ebab564bb1b988f14d9b49",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7ebf812b7019fd2d4d5a7ca45ef4bf3a6f4bda0a",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ba3c5574203034781ac4231acf117da917efcd2a",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/bb44477d4506e52785693a39f03cdc6a2c5e8598",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink