CVE-2023-52614 - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: Fix buffer overflow in trans_stat_show Fix buffer overflow in trans_stat_show(). Convert simple snprintf to the more secure scnprintf with size of PAGE_SIZE. Add condition checking if we are exceeding PAGE_SIZE and exit early from loop. Also add at the end a warning that we exceeded PAGE_SIZE and that stats is disabled. Return -EFBIG in the case where we don't have enough space to write the full transition table. Also document in the ABI that this function can return -EFBIG error.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/087de000e4f8c878c81d9dd3725f00a1d292980c
https://git.kernel.org/stable/c/08e23d05fa6dc4fc13da0ccf09defdd4bbc92ff4
https://git.kernel.org/stable/c/796d3fad8c35ee9df9027899fb90ceaeb41b958f
https://git.kernel.org/stable/c/8a7729cda2dd276d7a3994638038fb89035b6f2c
https://git.kernel.org/stable/c/a979f56aa4b93579cf0e4265ae04d7e9300fd3e8
https://git.kernel.org/stable/c/eaef4650fa2050147ca25fd7ee43bc0082e03c87
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
https://lore.kernel.org/linux-cve-announce/20240318101458.2835626-9-lee@kernel.org/T
https://nvd.nist.gov/vuln/detail/CVE-2023-52614
https://www.cve.org/CVERecord?id=CVE-2023-52614

History

No history.

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-03-18T10:14:44.929Z

Updated: 2024-08-02T23:03:21.314Z

Reserved: 2024-03-06T09:52:12.089Z

Link: CVE-2023-52614

Vulnrichment

Updated: 2024-08-02T23:03:21.314Z

NVD

Status : Awaiting Analysis

Published: 2024-03-18T11:15:08.640

Modified: 2024-06-25T22:15:15.793

Link: CVE-2023-52614

Redhat

Severity : Low

Publid Date: 2024-03-18T00:00:00Z

Links: CVE-2023-52614 - Bugzilla

{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2023-52614", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-03-06T09:52:12.089Z", "datePublished": "2024-03-18T10:14:44.929Z", "dateUpdated": "2024-08-02T23:03:21.314Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-05-29T04:58:12.128Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nPM / devfreq: Fix buffer overflow in trans_stat_show\n\nFix buffer overflow in trans_stat_show().\n\nConvert simple snprintf to the more secure scnprintf with size of\nPAGE_SIZE.\n\nAdd condition checking if we are exceeding PAGE_SIZE and exit early from\nloop. Also add at the end a warning that we exceeded PAGE_SIZE and that\nstats is disabled.\n\nReturn -EFBIG in the case where we don't have enough space to write the\nfull transition table.\n\nAlso document in the ABI that this function can return -EFBIG error."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["Documentation/ABI/testing/sysfs-class-devfreq", "drivers/devfreq/devfreq.c"], "versions": [{"version": "e552bbaf5b98", "lessThan": "087de000e4f8", "status": "affected", "versionType": "git"}, {"version": "e552bbaf5b98", "lessThan": "796d3fad8c35", "status": "affected", "versionType": "git"}, {"version": "e552bbaf5b98", "lessThan": "8a7729cda2dd", "status": "affected", "versionType": "git"}, {"version": "e552bbaf5b98", "lessThan": "a979f56aa4b9", "status": "affected", "versionType": "git"}, {"version": "e552bbaf5b98", "lessThan": "eaef4650fa20", "status": "affected", "versionType": "git"}, {"version": "e552bbaf5b98", "lessThan": "08e23d05fa6d", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["Documentation/ABI/testing/sysfs-class-devfreq", "drivers/devfreq/devfreq.c"], "versions": [{"version": "3.8", "status": "affected"}, {"version": "0", "lessThan": "3.8", "status": "unaffected", "versionType": "custom"}, {"version": "5.10.216", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.15.149", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.1.76", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.6.15", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.7.3", "lessThanOrEqual": "6.7.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.8", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/087de000e4f8c878c81d9dd3725f00a1d292980c"}, {"url": "https://git.kernel.org/stable/c/796d3fad8c35ee9df9027899fb90ceaeb41b958f"}, {"url": "https://git.kernel.org/stable/c/8a7729cda2dd276d7a3994638038fb89035b6f2c"}, {"url": "https://git.kernel.org/stable/c/a979f56aa4b93579cf0e4265ae04d7e9300fd3e8"}, {"url": "https://git.kernel.org/stable/c/eaef4650fa2050147ca25fd7ee43bc0082e03c87"}, {"url": "https://git.kernel.org/stable/c/08e23d05fa6dc4fc13da0ccf09defdd4bbc92ff4"}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"}], "title": "PM / devfreq: Fix buffer overflow in trans_stat_show", "x_generator": {"engine": "bippy-a5840b7849dd"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-03-18T15:34:29.560131Z", "id": "CVE-2023-52614", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-07T19:25:57.982Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T23:03:21.314Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/087de000e4f8c878c81d9dd3725f00a1d292980c", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/796d3fad8c35ee9df9027899fb90ceaeb41b958f", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/8a7729cda2dd276d7a3994638038fb89035b6f2c", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/a979f56aa4b93579cf0e4265ae04d7e9300fd3e8", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/eaef4650fa2050147ca25fd7ee43bc0082e03c87", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/08e23d05fa6dc4fc13da0ccf09defdd4bbc92ff4", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "tags": ["x_transferred"]}]}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/087de000e4f8c878c81d9dd3725f00a1d292980c", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/796d3fad8c35ee9df9027899fb90ceaeb41b958f", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/8a7729cda2dd276d7a3994638038fb89035b6f2c", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/a979f56aa4b93579cf0e4265ae04d7e9300fd3e8", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/eaef4650fa2050147ca25fd7ee43bc0082e03c87", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/08e23d05fa6dc4fc13da0ccf09defdd4bbc92ff4", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T23:03:21.314Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-52614", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-03-18T15:34:29.560131Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-07T19:25:55.364Z"}}], "cna": {"title": "PM / devfreq: Fix buffer overflow in trans_stat_show", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "e552bbaf5b98", "lessThan": "087de000e4f8", "versionType": "git"}, {"status": "affected", "version": "e552bbaf5b98", "lessThan": "796d3fad8c35", "versionType": "git"}, {"status": "affected", "version": "e552bbaf5b98", "lessThan": "8a7729cda2dd", "versionType": "git"}, {"status": "affected", "version": "e552bbaf5b98", "lessThan": "a979f56aa4b9", "versionType": "git"}, {"status": "affected", "version": "e552bbaf5b98", "lessThan": "eaef4650fa20", "versionType": "git"}, {"status": "affected", "version": "e552bbaf5b98", "lessThan": "08e23d05fa6d", "versionType": "git"}], "programFiles": ["Documentation/ABI/testing/sysfs-class-devfreq", "drivers/devfreq/devfreq.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "3.8"}, {"status": "unaffected", "version": "0", "lessThan": "3.8", "versionType": "custom"}, {"status": "unaffected", "version": "5.10.216", "versionType": "custom", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.149", "versionType": "custom", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.76", "versionType": "custom", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.15", "versionType": "custom", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.7.3", "versionType": "custom", "lessThanOrEqual": "6.7.*"}, {"status": "unaffected", "version": "6.8", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["Documentation/ABI/testing/sysfs-class-devfreq", "drivers/devfreq/devfreq.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/087de000e4f8c878c81d9dd3725f00a1d292980c"}, {"url": "https://git.kernel.org/stable/c/796d3fad8c35ee9df9027899fb90ceaeb41b958f"}, {"url": "https://git.kernel.org/stable/c/8a7729cda2dd276d7a3994638038fb89035b6f2c"}, {"url": "https://git.kernel.org/stable/c/a979f56aa4b93579cf0e4265ae04d7e9300fd3e8"}, {"url": "https://git.kernel.org/stable/c/eaef4650fa2050147ca25fd7ee43bc0082e03c87"}, {"url": "https://git.kernel.org/stable/c/08e23d05fa6dc4fc13da0ccf09defdd4bbc92ff4"}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"}], "x_generator": {"engine": "bippy-a5840b7849dd"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nPM / devfreq: Fix buffer overflow in trans_stat_show\n\nFix buffer overflow in trans_stat_show().\n\nConvert simple snprintf to the more secure scnprintf with size of\nPAGE_SIZE.\n\nAdd condition checking if we are exceeding PAGE_SIZE and exit early from\nloop. Also add at the end a warning that we exceeded PAGE_SIZE and that\nstats is disabled.\n\nReturn -EFBIG in the case where we don't have enough space to write the\nfull transition table.\n\nAlso document in the ABI that this function can return -EFBIG error."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-05-29T04:58:12.128Z"}}}, "cveMetadata": {"cveId": "CVE-2023-52614", "state": "PUBLISHED", "dateUpdated": "2024-08-02T23:03:21.314Z", "dateReserved": "2024-03-06T09:52:12.089Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-03-18T10:14:44.929Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nPM / devfreq: Fix buffer overflow in trans_stat_show\n\nFix buffer overflow in trans_stat_show().\n\nConvert simple snprintf to the more secure scnprintf with size of\nPAGE_SIZE.\n\nAdd condition checking if we are exceeding PAGE_SIZE and exit early from\nloop. Also add at the end a warning that we exceeded PAGE_SIZE and that\nstats is disabled.\n\nReturn -EFBIG in the case where we don't have enough space to write the\nfull transition table.\n\nAlso document in the ABI that this function can return -EFBIG error."}, {"lang": "es", "value": "En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: PM / devfreq: Arreglar desbordamiento de b\u00fafer en trans_stat_show Arreglar desbordamiento de b\u00fafer en trans_stat_show(). Convierta snprintf simple en scnprintf m\u00e1s seguro con un tama\u00f1o de PAGE_SIZE. Agregue verificaci\u00f3n de condiciones si excedemos PAGE_SIZE y salga temprano del ciclo. Tambi\u00e9n agregue al final una advertencia de que excedimos PAGE_SIZE y que las estad\u00edsticas est\u00e1n deshabilitadas. Devuelve -EFBIG en el caso de que no tengamos suficiente espacio para escribir la tabla de transici\u00f3n completa. Tambi\u00e9n documente en la ABI que esta funci\u00f3n puede devolver el error -EFBIG."}], "id": "CVE-2023-52614", "lastModified": "2024-06-25T22:15:15.793", "metrics": {}, "published": "2024-03-18T11:15:08.640", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/087de000e4f8c878c81d9dd3725f00a1d292980c"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/08e23d05fa6dc4fc13da0ccf09defdd4bbc92ff4"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/796d3fad8c35ee9df9027899fb90ceaeb41b958f"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/8a7729cda2dd276d7a3994638038fb89035b6f2c"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/a979f56aa4b93579cf0e4265ae04d7e9300fd3e8"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/eaef4650fa2050147ca25fd7ee43bc0082e03c87"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: PM / devfreq: Fix buffer overflow in trans_stat_show", "id": "2270071", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270071"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.4", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "status": "draft"}, "cwe": "CWE-121", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nPM / devfreq: Fix buffer overflow in trans_stat_show\nFix buffer overflow in trans_stat_show().\nConvert simple snprintf to the more secure scnprintf with size of\nPAGE_SIZE.\nAdd condition checking if we are exceeding PAGE_SIZE and exit early from\nloop. Also add at the end a warning that we exceeded PAGE_SIZE and that\nstats is disabled.\nReturn -EFBIG in the case where we don't have enough space to write the\nfull transition table.\nAlso document in the ABI that this function can return -EFBIG error."], "name": "CVE-2023-52614", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-03-18T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-52614\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-52614\nhttps://lore.kernel.org/linux-cve-announce/20240318101458.2835626-9-lee@kernel.org/T"], "threat_severity": "Low", "upstream_fix": "kernel 5.15.149, kernel 6.1.76, kernel 6.6.15, kernel 6.7.3, kernel 6.8"}