SB20240531274 - Out-of-bounds read in Linux kernel nfc nci
Published: May 31, 2024 Updated: May 14, 2025
Security Bulletin ID: SB20240531274
Severity: Low
Patch available: YES
Number of vulnerabilities: 1
Exploitation vector: Local access
Highest impact: Denial of service
Description
This security bulletin contains information about 1 security vulnerability.
1) Out-of-bounds read (CVE-ID: CVE-2023-52507)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the nci_activate_target() function in net/nfc/nci/core.c. A local user can trigger the error to perform a denial of service (DoS) attack.
Remediation
Install the update from the vendor's website.
References
- https://git.kernel.org/stable/c/2c231a247a1d1628e41fa1eefd1a5307c41c5f53
- https://git.kernel.org/stable/c/a686f84101680b8442181a8846fbd3c934653729
- https://git.kernel.org/stable/c/95733ea130e35ef9ec5949a5908dde3feaba92cb
- https://git.kernel.org/stable/c/a424807d860ba816aaafc3064b46b456361c0802
- https://git.kernel.org/stable/c/25dd54b95abfdca423b65a4ee620a774777d8213
- https://git.kernel.org/stable/c/853dda54ba59ea70d5580a298b7ede4707826848
- https://git.kernel.org/stable/c/6584eba7688dcf999542778b07f63828c21521da
- https://git.kernel.org/stable/c/354a6e707e29cb0c007176ee5b8db8be7bd2dee0
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.328
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.297
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.199
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.136
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.259
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.59
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.5.8
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6