CVE-2023-52649

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2023-52649
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-52649.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-52649
Downstream
Published
2024-05-01T12:53:08Z
Modified
2025-10-15T04:00:58.054597Z
Summary
drm/vkms: Avoid reading beyond LUT array
Details

In the Linux kernel, the following vulnerability has been resolved:

drm/vkms: Avoid reading beyond LUT array

When the floor LUT index (drmfixp2int(lutindex) is the last index of the array the ceil LUT index will point to an entry beyond the array. Make sure we guard against it and use the value of the floor LUT index.

v3: - Drop bits from commit description that didn't contribute anything of value

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
db1f254f2cfaf0510ae34fa2311a8d749e95179a
Fixed
9556c167673057d48ce4a0da675026fe046654c1
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
db1f254f2cfaf0510ae34fa2311a8d749e95179a
Fixed
046c1184ce60b0a37d48134f17ddbc1f32ce02bd
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
db1f254f2cfaf0510ae34fa2311a8d749e95179a
Fixed
92800aaeff51b8358d1e0a7eb74daf8aa2d7ce9d
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
db1f254f2cfaf0510ae34fa2311a8d749e95179a
Fixed
2fee84030d12d9fddfa874e4562d71761a129277

Affected versions

v6.*

v6.5
v6.5-rc3
v6.5-rc4
v6.5-rc5
v6.5-rc6
v6.5-rc7
v6.6
v6.6-rc1
v6.6-rc2
v6.6-rc3
v6.6-rc4
v6.6-rc5
v6.6-rc6
v6.6-rc7
v6.6.1
v6.6.10
v6.6.11
v6.6.12
v6.6.13
v6.6.14
v6.6.15
v6.6.16
v6.6.17
v6.6.18
v6.6.19
v6.6.2
v6.6.20
v6.6.21
v6.6.22
v6.6.3
v6.6.4
v6.6.5
v6.6.6
v6.6.7
v6.6.8
v6.6.9
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.7.1
v6.7.10
v6.7.2
v6.7.3
v6.7.4
v6.7.5
v6.7.6
v6.7.7
v6.7.8
v6.7.9
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.8.1

Database specific 

{
    "vanir_signatures": [
        {
            "deprecated": false,
            "signature_type": "Function",
            "target": {
                "file": "drivers/gpu/drm/vkms/vkms_composer.c",
                "function": "apply_lut_to_channel_value"
            },
            "signature_version": "v1",
            "digest": {
                "length": 423.0,
                "function_hash": "186789708783366709651353268913051834417"
            },
            "id": "CVE-2023-52649-0aa4bf6f",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@92800aaeff51b8358d1e0a7eb74daf8aa2d7ce9d"
        },
        {
            "deprecated": false,
            "signature_type": "Line",
            "target": {
                "file": "drivers/gpu/drm/vkms/vkms_composer.c"
            },
            "signature_version": "v1",
            "digest": {
                "line_hashes": [
                    "310924559530734434091955097604279349554",
                    "173396015222661992087672089313187313397",
                    "152773543942662857217393763054264942009",
                    "10691733024899554076076407446937398906",
                    "245572959647100131877873988680877191221",
                    "173604418574412335140375844189279072376",
                    "78299103303516548563558183833178566487",
                    "331217470158794900173094643903014176177",
                    "215448701164819377109720784033220369770"
                ],
                "threshold": 0.9
            },
            "id": "CVE-2023-52649-355ee69f",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@046c1184ce60b0a37d48134f17ddbc1f32ce02bd"
        },
        {
            "deprecated": false,
            "signature_type": "Function",
            "target": {
                "file": "drivers/gpu/drm/vkms/vkms_composer.c",
                "function": "apply_lut_to_channel_value"
            },
            "signature_version": "v1",
            "digest": {
                "length": 423.0,
                "function_hash": "186789708783366709651353268913051834417"
            },
            "id": "CVE-2023-52649-4108ed52",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@046c1184ce60b0a37d48134f17ddbc1f32ce02bd"
        },
        {
            "deprecated": false,
            "signature_type": "Function",
            "target": {
                "file": "drivers/gpu/drm/vkms/vkms_composer.c",
                "function": "apply_lut_to_channel_value"
            },
            "signature_version": "v1",
            "digest": {
                "length": 423.0,
                "function_hash": "186789708783366709651353268913051834417"
            },
            "id": "CVE-2023-52649-5c98da0f",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9556c167673057d48ce4a0da675026fe046654c1"
        },
        {
            "deprecated": false,
            "signature_type": "Line",
            "target": {
                "file": "drivers/gpu/drm/vkms/vkms_composer.c"
            },
            "signature_version": "v1",
            "digest": {
                "line_hashes": [
                    "310924559530734434091955097604279349554",
                    "173396015222661992087672089313187313397",
                    "152773543942662857217393763054264942009",
                    "10691733024899554076076407446937398906",
                    "245572959647100131877873988680877191221",
                    "173604418574412335140375844189279072376",
                    "78299103303516548563558183833178566487",
                    "331217470158794900173094643903014176177",
                    "215448701164819377109720784033220369770"
                ],
                "threshold": 0.9
            },
            "id": "CVE-2023-52649-8c17ad58",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@92800aaeff51b8358d1e0a7eb74daf8aa2d7ce9d"
        },
        {
            "deprecated": false,
            "signature_type": "Line",
            "target": {
                "file": "drivers/gpu/drm/vkms/vkms_composer.c"
            },
            "signature_version": "v1",
            "digest": {
                "line_hashes": [
                    "310924559530734434091955097604279349554",
                    "173396015222661992087672089313187313397",
                    "152773543942662857217393763054264942009",
                    "10691733024899554076076407446937398906",
                    "245572959647100131877873988680877191221",
                    "173604418574412335140375844189279072376",
                    "78299103303516548563558183833178566487",
                    "331217470158794900173094643903014176177",
                    "215448701164819377109720784033220369770"
                ],
                "threshold": 0.9
            },
            "id": "CVE-2023-52649-a0355466",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9556c167673057d48ce4a0da675026fe046654c1"
        },
        {
            "deprecated": false,
            "signature_type": "Line",
            "target": {
                "file": "drivers/gpu/drm/vkms/vkms_composer.c"
            },
            "signature_version": "v1",
            "digest": {
                "line_hashes": [
                    "310924559530734434091955097604279349554",
                    "173396015222661992087672089313187313397",
                    "152773543942662857217393763054264942009",
                    "10691733024899554076076407446937398906",
                    "245572959647100131877873988680877191221",
                    "173604418574412335140375844189279072376",
                    "78299103303516548563558183833178566487",
                    "331217470158794900173094643903014176177",
                    "215448701164819377109720784033220369770"
                ],
                "threshold": 0.9
            },
            "id": "CVE-2023-52649-e08c290a",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2fee84030d12d9fddfa874e4562d71761a129277"
        },
        {
            "deprecated": false,
            "signature_type": "Function",
            "target": {
                "file": "drivers/gpu/drm/vkms/vkms_composer.c",
                "function": "apply_lut_to_channel_value"
            },
            "signature_version": "v1",
            "digest": {
                "length": 423.0,
                "function_hash": "186789708783366709651353268913051834417"
            },
            "id": "CVE-2023-52649-e6ce2282",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2fee84030d12d9fddfa874e4562d71761a129277"
        }
    ]
}

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.6.0
Fixed
6.6.23
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.7.11
Type
ECOSYSTEM
Events
Introduced
6.8.0
Fixed
6.8.2