| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025091642-CVE-2023-53309-005a@gregkh> Date: Tue, 16 Sep 2025 18:11:54 +0200 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...nel.org> Subject: CVE-2023-53309: drm/radeon: Fix integer overflow in radeon_cs_parser_init From: Greg Kroah-Hartman <gregkh@...nel.org> Description =========== In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Fix integer overflow in radeon_cs_parser_init The type of size is unsigned, if size is 0x40000000, there will be an integer overflow, size will be zero after size *= sizeof(uint32_t), will cause uninitialized memory to be referenced later The Linux kernel CVE team has assigned CVE-2023-53309 to this issue. Affected and fixed versions =========================== Fixed in 4.14.324 with commit d05ba46134d07e889de7d23cf8503574a22ede09 Fixed in 4.19.293 with commit cfa9148bafb2d3292b65de1bac79dcca65be2643 Fixed in 5.4.255 with commit b8fab6aebdf2115ec2d7bd2f3498d5b911ff351e Fixed in 5.10.192 with commit e6825b30d37fe89ceb87f926d33d4fad321a331e Fixed in 5.15.123 with commit c0d7dbc6b7a61a56028118c00af2c8319d44a682 Fixed in 6.1.42 with commit 2e1be420b86980c25a75325e90dfc3fc73126f61 Fixed in 6.4.7 with commit 25e634d7f44eb13113139040e5366bebe48c882f Fixed in 6.5 with commit f828b681d0cd566f86351c0b913e6cb6ed8c7b9c Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2023-53309 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: drivers/gpu/drm/radeon/radeon_cs.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/d05ba46134d07e889de7d23cf8503574a22ede09 https://git.kernel.org/stable/c/cfa9148bafb2d3292b65de1bac79dcca65be2643 https://git.kernel.org/stable/c/b8fab6aebdf2115ec2d7bd2f3498d5b911ff351e https://git.kernel.org/stable/c/e6825b30d37fe89ceb87f926d33d4fad321a331e https://git.kernel.org/stable/c/c0d7dbc6b7a61a56028118c00af2c8319d44a682 https://git.kernel.org/stable/c/2e1be420b86980c25a75325e90dfc3fc73126f61 https://git.kernel.org/stable/c/25e634d7f44eb13113139040e5366bebe48c882f https://git.kernel.org/stable/c/f828b681d0cd566f86351c0b913e6cb6ed8c7b9c
Powered by blists - more mailing lists