SB20240702114 - Input validation error in Linux kernel clk sunxi-ng driver
Published: July 2, 2024 Updated: May 13, 2025
Security Bulletin ID
SB20240702114
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Input validation error (CVE-ID: CVE-2023-52882)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the sun50i_h6_ccu_probe() function in drivers/clk/sunxi-ng/ccu-sun50i-h6.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/fe11826ffa200e1a7a826e745163cb2f47875f66
- https://git.kernel.org/stable/c/bfc78b4628497eb6df09a6b5bba9dd31616ee175
- https://git.kernel.org/stable/c/f1fa9a9816204ac4b118b2e613d3a7c981355019
- https://git.kernel.org/stable/c/70f64cb29014e4c4f1fabd3265feebd80590d069
- https://git.kernel.org/stable/c/0b82eb134d2942ecc669e2ab2be3f0a58d79428a
- https://git.kernel.org/stable/c/9708e5081cfc4f085690294163389bcf82655f90
- https://git.kernel.org/stable/c/7e91ed763dc07437777bd012af7a2bd4493731ff
- https://lists.debian.org/debian-lts-announce/2024/06/msg00019.html
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.217
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.159
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.276
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.91
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.31
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.8.10