CVE-2023-52612 - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: crypto: scomp - fix req->dst buffer overflow The req->dst buffer size should be checked before copying from the scomp_scratch->dst to avoid req->dst buffer overflow problem.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/1142d65c5b881590962ad763f94505b6dd67d2fe
https://git.kernel.org/stable/c/4518dc468cdd796757190515a9be7408adc8911e
https://git.kernel.org/stable/c/4df0c942d04a67df174195ad8082f6e30e7f71a5
https://git.kernel.org/stable/c/71c6670f9f032ec67d8f4e3f8db4646bf5a62883
https://git.kernel.org/stable/c/744e1885922a9943458954cfea917b31064b4131
https://git.kernel.org/stable/c/7d9e5bed036a7f9e2062a137e97e3c1e77fb8759
https://git.kernel.org/stable/c/a5f2f91b3fd7387e5102060809316a0f8f0bc625
https://git.kernel.org/stable/c/e0e3f4a18784182cfe34e20c00eca11e78d53e76
https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html
https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
https://lore.kernel.org/linux-cve-announce/20240318100758.2828621-12-lee@kernel.org/T
https://nvd.nist.gov/vuln/detail/CVE-2023-52612
https://www.cve.org/CVERecord?id=CVE-2023-52612

History

No history.

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-03-18T10:07:47.204Z

Updated: 2024-08-02T23:03:21.332Z

Reserved: 2024-03-06T09:52:12.088Z

Link: CVE-2023-52612

Vulnrichment

Updated: 2024-08-02T23:03:21.332Z

NVD

Status : Awaiting Analysis

Published: 2024-03-18T11:15:08.317

Modified: 2024-06-27T13:15:53.470

Link: CVE-2023-52612

Redhat

Severity : Moderate

Publid Date: 2024-03-18T00:00:00Z

Links: CVE-2023-52612 - Bugzilla

{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2023-52612", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-03-06T09:52:12.088Z", "datePublished": "2024-03-18T10:07:47.204Z", "dateUpdated": "2024-08-02T23:03:21.332Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-05-29T05:14:24.774Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: scomp - fix req->dst buffer overflow\n\nThe req->dst buffer size should be checked before copying from the\nscomp_scratch->dst to avoid req->dst buffer overflow problem."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["crypto/scompress.c"], "versions": [{"version": "1ab53a77b772", "lessThan": "1142d65c5b88", "status": "affected", "versionType": "git"}, {"version": "1ab53a77b772", "lessThan": "e0e3f4a18784", "status": "affected", "versionType": "git"}, {"version": "1ab53a77b772", "lessThan": "4518dc468cdd", "status": "affected", "versionType": "git"}, {"version": "1ab53a77b772", "lessThan": "a5f2f91b3fd7", "status": "affected", "versionType": "git"}, {"version": "1ab53a77b772", "lessThan": "4df0c942d04a", "status": "affected", "versionType": "git"}, {"version": "1ab53a77b772", "lessThan": "7d9e5bed036a", "status": "affected", "versionType": "git"}, {"version": "1ab53a77b772", "lessThan": "71c6670f9f03", "status": "affected", "versionType": "git"}, {"version": "1ab53a77b772", "lessThan": "744e1885922a", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["crypto/scompress.c"], "versions": [{"version": "4.10", "status": "affected"}, {"version": "0", "lessThan": "4.10", "status": "unaffected", "versionType": "custom"}, {"version": "4.19.306", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.4.268", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.10.209", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.15.148", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.1.75", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.6.14", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.7.2", "lessThanOrEqual": "6.7.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.8", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/1142d65c5b881590962ad763f94505b6dd67d2fe"}, {"url": "https://git.kernel.org/stable/c/e0e3f4a18784182cfe34e20c00eca11e78d53e76"}, {"url": "https://git.kernel.org/stable/c/4518dc468cdd796757190515a9be7408adc8911e"}, {"url": "https://git.kernel.org/stable/c/a5f2f91b3fd7387e5102060809316a0f8f0bc625"}, {"url": "https://git.kernel.org/stable/c/4df0c942d04a67df174195ad8082f6e30e7f71a5"}, {"url": "https://git.kernel.org/stable/c/7d9e5bed036a7f9e2062a137e97e3c1e77fb8759"}, {"url": "https://git.kernel.org/stable/c/71c6670f9f032ec67d8f4e3f8db4646bf5a62883"}, {"url": "https://git.kernel.org/stable/c/744e1885922a9943458954cfea917b31064b4131"}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html"}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"}], "title": "crypto: scomp - fix req->dst buffer overflow", "x_generator": {"engine": "bippy-a5840b7849dd"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-52612", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-03-18T15:42:02.603013Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:24:15.790Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T23:03:21.332Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/1142d65c5b881590962ad763f94505b6dd67d2fe", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e0e3f4a18784182cfe34e20c00eca11e78d53e76", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/4518dc468cdd796757190515a9be7408adc8911e", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/a5f2f91b3fd7387e5102060809316a0f8f0bc625", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/4df0c942d04a67df174195ad8082f6e30e7f71a5", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/7d9e5bed036a7f9e2062a137e97e3c1e77fb8759", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/71c6670f9f032ec67d8f4e3f8db4646bf5a62883", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/744e1885922a9943458954cfea917b31064b4131", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", "tags": ["x_transferred"]}]}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/1142d65c5b881590962ad763f94505b6dd67d2fe", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e0e3f4a18784182cfe34e20c00eca11e78d53e76", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/4518dc468cdd796757190515a9be7408adc8911e", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/a5f2f91b3fd7387e5102060809316a0f8f0bc625", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/4df0c942d04a67df174195ad8082f6e30e7f71a5", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/7d9e5bed036a7f9e2062a137e97e3c1e77fb8759", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/71c6670f9f032ec67d8f4e3f8db4646bf5a62883", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/744e1885922a9943458954cfea917b31064b4131", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T23:03:21.332Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-52612", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-03-18T15:42:02.603013Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-23T19:01:18.389Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"title": "crypto: scomp - fix req->dst buffer overflow", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "1ab53a77b772", "lessThan": "1142d65c5b88", "versionType": "git"}, {"status": "affected", "version": "1ab53a77b772", "lessThan": "e0e3f4a18784", "versionType": "git"}, {"status": "affected", "version": "1ab53a77b772", "lessThan": "4518dc468cdd", "versionType": "git"}, {"status": "affected", "version": "1ab53a77b772", "lessThan": "a5f2f91b3fd7", "versionType": "git"}, {"status": "affected", "version": "1ab53a77b772", "lessThan": "4df0c942d04a", "versionType": "git"}, {"status": "affected", "version": "1ab53a77b772", "lessThan": "7d9e5bed036a", "versionType": "git"}, {"status": "affected", "version": "1ab53a77b772", "lessThan": "71c6670f9f03", "versionType": "git"}, {"status": "affected", "version": "1ab53a77b772", "lessThan": "744e1885922a", "versionType": "git"}], "programFiles": ["crypto/scompress.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "4.10"}, {"status": "unaffected", "version": "0", "lessThan": "4.10", "versionType": "custom"}, {"status": "unaffected", "version": "4.19.306", "versionType": "custom", "lessThanOrEqual": "4.19.*"}, {"status": "unaffected", "version": "5.4.268", "versionType": "custom", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.209", "versionType": "custom", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.148", "versionType": "custom", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.75", "versionType": "custom", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.14", "versionType": "custom", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.7.2", "versionType": "custom", "lessThanOrEqual": "6.7.*"}, {"status": "unaffected", "version": "6.8", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["crypto/scompress.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/1142d65c5b881590962ad763f94505b6dd67d2fe"}, {"url": "https://git.kernel.org/stable/c/e0e3f4a18784182cfe34e20c00eca11e78d53e76"}, {"url": "https://git.kernel.org/stable/c/4518dc468cdd796757190515a9be7408adc8911e"}, {"url": "https://git.kernel.org/stable/c/a5f2f91b3fd7387e5102060809316a0f8f0bc625"}, {"url": "https://git.kernel.org/stable/c/4df0c942d04a67df174195ad8082f6e30e7f71a5"}, {"url": "https://git.kernel.org/stable/c/7d9e5bed036a7f9e2062a137e97e3c1e77fb8759"}, {"url": "https://git.kernel.org/stable/c/71c6670f9f032ec67d8f4e3f8db4646bf5a62883"}, {"url": "https://git.kernel.org/stable/c/744e1885922a9943458954cfea917b31064b4131"}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html"}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"}], "x_generator": {"engine": "bippy-a5840b7849dd"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: scomp - fix req->dst buffer overflow\n\nThe req->dst buffer size should be checked before copying from the\nscomp_scratch->dst to avoid req->dst buffer overflow problem."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-05-29T05:14:24.774Z"}}}, "cveMetadata": {"cveId": "CVE-2023-52612", "state": "PUBLISHED", "dateUpdated": "2024-08-02T23:03:21.332Z", "dateReserved": "2024-03-06T09:52:12.088Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-03-18T10:07:47.204Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"bugzilla": {"description": "kernel: crypto: scomp - fix req->dst buffer overflow", "id": "2270075", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270075"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.0", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H", "status": "draft"}, "cwe": "CWE-121", "details": ["In the Linux kernel, the following vulnerability has been resolved:\ncrypto: scomp - fix req->dst buffer overflow\nThe req->dst buffer size should be checked before copying from the\nscomp_scratch->dst to avoid req->dst buffer overflow problem.", "A vulnerability was found in scomp component Linux Kernel causing a buffer overflow in the req->dst buffer. This occurred because the buffer size was not checked before copying data from scomp_scratch->dst, leading to potential overflow and DoS."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2023-52612", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-03-18T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-52612\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-52612\nhttps://lore.kernel.org/linux-cve-announce/20240318100758.2828621-12-lee@kernel.org/T"], "statement": "Red Hat has protection mechanisms in place against buffer overflows, such as FORTIFY_SOURCE, Position Independent Executables or Stack Smashing Protection.", "threat_severity": "Moderate", "upstream_fix": "kernel 4.19.306, kernel 5.4.268, kernel 5.10.209, kernel 5.15.148, kernel 6.1.75, kernel 6.6.14, kernel 6.7.2, kernel 6.8"}