CVE-2023-2194

An out-of-bounds write vulnerability was found in the Linux kernel's SLIMpro I2C device driver. The userspace "data->block[0]" variable was not capped to a number between 0-255 and was used as the size of a memcpy, possibly writing beyond the end of dma_buffer. This flaw could allow a local privileged user to crash the system or potentially achieve code execution.

Published: Apr 20, 2023
Updated: Apr 29, 2023
CVE: CVE-2023-2194
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.7
AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWEs:

CWE-787

Affected Software
References

Software	From	Fixed in
linux / linux_kernel	-	6.3
linux / linux_kernel	6.3-rc1	6.3-rc1.x
linux / linux_kernel	6.3-rc2	6.3-rc2.x
linux / linux_kernel	6.3-rc3	6.3-rc3.x
fedoraproject / fedora	38	38.x
redhat / enterprise_linux	8.0	8.0.x
redhat / enterprise_linux	9.0	9.0.x

https://bugzilla.redhat.com/show_bug.cgi?id=2188396
https://github.com/torvalds/linux/commit/92fbb6d1296f
https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html
https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html

Vulnerability Database

291,049

CVE-2023-2194