In the Linux kernel, the following vulnerability has been resolved:
i3c: mipi-i3c-hci: Fix out of bounds access in hcidmairq_handler
Do not loop over ring headers in hcidmairqhandler() that are not allocated and enabled in hcidma_init(). Otherwise out of bounds access will occur from rings->headers[i] access when i >= number of allocated ring headers.
[
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@45a832f989e520095429589d5b01b0c65da9b574",
"target": {
"file": "drivers/i3c/master/mipi-i3c-hci/dma.c"
},
"id": "CVE-2023-52766-04d0b939",
"deprecated": false,
"signature_type": "Line",
"digest": {
"line_hashes": [
"15912787143480553214943061058663966002",
"147801109872095788641162489093998137613",
"61672458456192248246161708657508388580",
"49856810139867974714408508331093443588"
],
"threshold": 0.9
},
"signature_version": "v1"
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@45a832f989e520095429589d5b01b0c65da9b574",
"target": {
"function": "hci_dma_irq_handler",
"file": "drivers/i3c/master/mipi-i3c-hci/dma.c"
},
"id": "CVE-2023-52766-06e686d9",
"deprecated": false,
"signature_type": "Function",
"digest": {
"function_hash": "57299369064170984941686992898773339304",
"length": 1040.0
},
"signature_version": "v1"
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d23ad76f240c0f597b7a9eb79905d246f27d40df",
"target": {
"file": "drivers/i3c/master/mipi-i3c-hci/dma.c"
},
"id": "CVE-2023-52766-06f0079d",
"deprecated": false,
"signature_type": "Line",
"digest": {
"line_hashes": [
"15912787143480553214943061058663966002",
"147801109872095788641162489093998137613",
"61672458456192248246161708657508388580",
"49856810139867974714408508331093443588"
],
"threshold": 0.9
},
"signature_version": "v1"
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4c86cb2321bd9c72d3b945ce7f747961beda8e65",
"target": {
"file": "drivers/i3c/master/mipi-i3c-hci/dma.c"
},
"id": "CVE-2023-52766-593b7b18",
"deprecated": false,
"signature_type": "Line",
"digest": {
"line_hashes": [
"15912787143480553214943061058663966002",
"147801109872095788641162489093998137613",
"61672458456192248246161708657508388580",
"49856810139867974714408508331093443588"
],
"threshold": 0.9
},
"signature_version": "v1"
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7c2b91b30d74d7c407118ad72502d4ca28af1af6",
"target": {
"function": "hci_dma_irq_handler",
"file": "drivers/i3c/master/mipi-i3c-hci/dma.c"
},
"id": "CVE-2023-52766-6d6e2363",
"deprecated": false,
"signature_type": "Function",
"digest": {
"function_hash": "57299369064170984941686992898773339304",
"length": 1040.0
},
"signature_version": "v1"
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@8be39f66915b40d26ea2c18ba84b5c3d5da6809b",
"target": {
"file": "drivers/i3c/master/mipi-i3c-hci/dma.c"
},
"id": "CVE-2023-52766-727a0e3f",
"deprecated": false,
"signature_type": "Line",
"digest": {
"line_hashes": [
"15912787143480553214943061058663966002",
"147801109872095788641162489093998137613",
"61672458456192248246161708657508388580",
"49856810139867974714408508331093443588"
],
"threshold": 0.9
},
"signature_version": "v1"
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@8be39f66915b40d26ea2c18ba84b5c3d5da6809b",
"target": {
"function": "hci_dma_irq_handler",
"file": "drivers/i3c/master/mipi-i3c-hci/dma.c"
},
"id": "CVE-2023-52766-8bfdd5d3",
"deprecated": false,
"signature_type": "Function",
"digest": {
"function_hash": "57299369064170984941686992898773339304",
"length": 1040.0
},
"signature_version": "v1"
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7c2b91b30d74d7c407118ad72502d4ca28af1af6",
"target": {
"file": "drivers/i3c/master/mipi-i3c-hci/dma.c"
},
"id": "CVE-2023-52766-8c03d3e1",
"deprecated": false,
"signature_type": "Line",
"digest": {
"line_hashes": [
"15912787143480553214943061058663966002",
"147801109872095788641162489093998137613",
"61672458456192248246161708657508388580",
"49856810139867974714408508331093443588"
],
"threshold": 0.9
},
"signature_version": "v1"
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4c86cb2321bd9c72d3b945ce7f747961beda8e65",
"target": {
"function": "hci_dma_irq_handler",
"file": "drivers/i3c/master/mipi-i3c-hci/dma.c"
},
"id": "CVE-2023-52766-c76ba2a1",
"deprecated": false,
"signature_type": "Function",
"digest": {
"function_hash": "57299369064170984941686992898773339304",
"length": 1040.0
},
"signature_version": "v1"
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d23ad76f240c0f597b7a9eb79905d246f27d40df",
"target": {
"function": "hci_dma_irq_handler",
"file": "drivers/i3c/master/mipi-i3c-hci/dma.c"
},
"id": "CVE-2023-52766-eb725664",
"deprecated": false,
"signature_type": "Function",
"digest": {
"function_hash": "57299369064170984941686992898773339304",
"length": 1040.0
},
"signature_version": "v1"
}
]