#VU88895 Out-of-bounds write in Linux kernel - CVE-2023-52464

Vulnerability identifier: #VU88895

Vulnerability risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52464

CWE-ID: CWE-787

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the thunderx_ocx_com_threaded_isr() function in drivers/edac/thunderx_edac.c. A local user can trigger an out-of-bounds write and execute arbitrary code on the target system.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Linux kernel: before 4.19.306, 4.19.306

---

External links
https://git.kernel.org/stable/c/71c17ee02538802ceafc830f0736aa35b564e601
https://git.kernel.org/stable/c/5da3b6e7196f0b4f3728e4e25eb20233a9ddfaf6
https://git.kernel.org/stable/c/6aa7865ba7ff7f0ede0035180fb3b9400ceb405a
https://git.kernel.org/stable/c/700cf4bead80fac994dcc43ae1ca5d86d8959b21
https://git.kernel.org/stable/c/9dbac9fdae6e3b411fc4c3fca3bf48f70609c398
https://git.kernel.org/stable/c/e1c86511241588efffaa49556196f09a498d5057
https://git.kernel.org/stable/c/426fae93c01dffa379225eb2bd4d3cdc42c6eec5
https://git.kernel.org/stable/c/475c58e1a471e9b873e3e39958c64a2d278275c8

---

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.