In the Linux kernel, the following vulnerability has been resolved:
thermal: core: prevent potential string overflow
The dev->id value comes from idaalloc() so it's a number between zero and INTMAX. If it's too high then these sprintf()s will overflow.
{ "vanir_signatures": [ { "id": "CVE-2023-52868-131e1b1f", "signature_type": "Line", "target": { "file": "drivers/thermal/thermal_core.c" }, "signature_version": "v1", "digest": { "line_hashes": [ "200157365146573748703919097187328114066", "184844051251508112577620469971953462066", "196003478651918051643974684258175068894", "335598166507389885684791312121536747148", "95514278570745961013435329837882726833", "273854553979365217703315618026445224163", "246431101972864498644649741525354250798", "146642156085299800439028914518836350424" ], "threshold": 0.9 }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3f795fb35c2d8a637efe76b4518216c9319b998c" }, { "id": "CVE-2023-52868-2003e384", "signature_type": "Function", "target": { "file": "drivers/thermal/thermal_core.c", "function": "thermal_zone_bind_cooling_device" }, "signature_version": "v1", "digest": { "length": 2854.0, "function_hash": "321106791238456472892371268780900179914" }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3f795fb35c2d8a637efe76b4518216c9319b998c" }, { "id": "CVE-2023-52868-24226857", "signature_type": "Line", "target": { "file": "drivers/thermal/thermal_core.c" }, "signature_version": "v1", "digest": { "line_hashes": [ "200157365146573748703919097187328114066", "184844051251508112577620469971953462066", "196003478651918051643974684258175068894", "335598166507389885684791312121536747148", "95514278570745961013435329837882726833", "273854553979365217703315618026445224163", "246431101972864498644649741525354250798", "146642156085299800439028914518836350424" ], "threshold": 0.9 }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3a8f4e58e1ee707b4f46a1000b40b86ea3dd509c" }, { "id": "CVE-2023-52868-2465a35a", "signature_type": "Function", "target": { "file": "drivers/thermal/thermal_core.c", "function": "thermal_zone_bind_cooling_device" }, "signature_version": "v1", "digest": { "length": 2854.0, "function_hash": "321106791238456472892371268780900179914" }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6ad1bf47fbe5750c4d5d8e41337665e193e2c521" }, { "id": "CVE-2023-52868-46a57a04", "signature_type": "Line", "target": { "file": "drivers/thermal/thermal_core.c" }, "signature_version": "v1", "digest": { "line_hashes": [ "200157365146573748703919097187328114066", "184844051251508112577620469971953462066", "196003478651918051643974684258175068894", "335598166507389885684791312121536747148", "95514278570745961013435329837882726833", "273854553979365217703315618026445224163", "246431101972864498644649741525354250798", "146642156085299800439028914518836350424" ], "threshold": 0.9 }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0f6b3be28c4d62ef6498133959c72266629bea97" }, { "id": "CVE-2023-52868-57aa3478", "signature_type": "Function", "target": { "file": "drivers/thermal/thermal_core.c", "function": "thermal_zone_bind_cooling_device" }, "signature_version": "v1", "digest": { "length": 2746.0, "function_hash": "42168029249703595511418481066809367500" }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3a8f4e58e1ee707b4f46a1000b40b86ea3dd509c" }, { "id": "CVE-2023-52868-5fdf65d8", "signature_type": "Line", "target": { "file": "drivers/thermal/thermal_core.c" }, "signature_version": "v1", "digest": { "line_hashes": [ "200157365146573748703919097187328114066", "184844051251508112577620469971953462066", "196003478651918051643974684258175068894", "335598166507389885684791312121536747148", "95514278570745961013435329837882726833", "273854553979365217703315618026445224163", "246431101972864498644649741525354250798", "146642156085299800439028914518836350424" ], "threshold": 0.9 }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b55f0a9f865be75ca1019aad331f3225f7b50ce8" }, { "id": "CVE-2023-52868-63123eb4", "signature_type": "Function", "target": { "file": "drivers/thermal/thermal_core.c", "function": "thermal_zone_bind_cooling_device" }, "signature_version": "v1", "digest": { "length": 2806.0, "function_hash": "145258362992472303371656046125066530815" }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0f6b3be28c4d62ef6498133959c72266629bea97" }, { "id": "CVE-2023-52868-65abcf42", "signature_type": "Line", "target": { "file": "drivers/thermal/thermal_core.c" }, "signature_version": "v1", "digest": { "line_hashes": [ "200157365146573748703919097187328114066", "184844051251508112577620469971953462066", "196003478651918051643974684258175068894", "335598166507389885684791312121536747148", "95514278570745961013435329837882726833", "273854553979365217703315618026445224163", "246431101972864498644649741525354250798", "146642156085299800439028914518836350424" ], "threshold": 0.9 }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3091ab943dfc7b2578599b0fe203350286fab5bb" }, { "id": "CVE-2023-52868-6c74b76a", "signature_type": "Line", "target": { "file": "drivers/thermal/thermal_core.c" }, "signature_version": "v1", "digest": { "line_hashes": [ "200157365146573748703919097187328114066", "184844051251508112577620469971953462066", "196003478651918051643974684258175068894", "335598166507389885684791312121536747148", "95514278570745961013435329837882726833", "273854553979365217703315618026445224163", "246431101972864498644649741525354250798", "146642156085299800439028914518836350424" ], "threshold": 0.9 }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@77ff34a56b695e228e6daf30ee30be747973d6e8" }, { "id": "CVE-2023-52868-aac339ee", "signature_type": "Function", "target": { "file": "drivers/thermal/thermal_core.c", "function": "thermal_zone_bind_cooling_device" }, "signature_version": "v1", "digest": { "length": 2923.0, "function_hash": "23293804970156671691060668371304634692" }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b55f0a9f865be75ca1019aad331f3225f7b50ce8" }, { "id": "CVE-2023-52868-b2656c45", "signature_type": "Function", "target": { "file": "drivers/thermal/thermal_core.c", "function": "thermal_zone_bind_cooling_device" }, "signature_version": "v1", "digest": { "length": 2738.0, "function_hash": "243332763448625304599021874201920014382" }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@77ff34a56b695e228e6daf30ee30be747973d6e8" }, { "id": "CVE-2023-52868-c02ba764", "signature_type": "Function", "target": { "file": "drivers/thermal/thermal_core.c", "function": "thermal_zone_bind_cooling_device" }, "signature_version": "v1", "digest": { "length": 2806.0, "function_hash": "145258362992472303371656046125066530815" }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@edbd6bbe40ac524a8f2273ffacc53edf14f3c686" }, { "id": "CVE-2023-52868-d076653b", "signature_type": "Line", "target": { "file": "drivers/thermal/thermal_core.c" }, "signature_version": "v1", "digest": { "line_hashes": [ "200157365146573748703919097187328114066", "184844051251508112577620469971953462066", "196003478651918051643974684258175068894", "335598166507389885684791312121536747148", "95514278570745961013435329837882726833", "273854553979365217703315618026445224163", "246431101972864498644649741525354250798", "146642156085299800439028914518836350424" ], "threshold": 0.9 }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@edbd6bbe40ac524a8f2273ffacc53edf14f3c686" }, { "id": "CVE-2023-52868-d167b6a3", "signature_type": "Line", "target": { "file": "drivers/thermal/thermal_core.c" }, "signature_version": "v1", "digest": { "line_hashes": [ "200157365146573748703919097187328114066", "184844051251508112577620469971953462066", "196003478651918051643974684258175068894", "335598166507389885684791312121536747148", "95514278570745961013435329837882726833", "273854553979365217703315618026445224163", "246431101972864498644649741525354250798", "146642156085299800439028914518836350424" ], "threshold": 0.9 }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6ad1bf47fbe5750c4d5d8e41337665e193e2c521" }, { "id": "CVE-2023-52868-fbfc2652", "signature_type": "Function", "target": { "file": "drivers/thermal/thermal_core.c", "function": "thermal_zone_bind_cooling_device" }, "signature_version": "v1", "digest": { "length": 2854.0, "function_hash": "321106791238456472892371268780900179914" }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3091ab943dfc7b2578599b0fe203350286fab5bb" } ] }