In the Linux kernel, the following vulnerability has been resolved:
nfc: fdp: add null check of devmkmallocarray in fdpncii2creaddevice_properties
devmkmallocarray may fails, *fwvsccfg might be null and cause out-of-bounds write in devicepropertyreadu8array later.
{ "vanir_signatures": [ { "signature_version": "v1", "target": { "function": "fdp_nci_i2c_read_device_properties", "file": "drivers/nfc/fdp/i2c.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4357bbb921fe9e81d0fd9f70d669d1f177d8380e", "deprecated": false, "digest": { "length": 1011.0, "function_hash": "85678943671809162914677981521064319153" }, "id": "CVE-2023-53139-0d03a66d" }, { "signature_version": "v1", "target": { "file": "drivers/nfc/fdp/i2c.c" }, "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4357bbb921fe9e81d0fd9f70d669d1f177d8380e", "deprecated": false, "digest": { "line_hashes": [ "181420735290728086392997534477111531673", "248510354215420034077210432162205266801", "452598993420862892250842787412088183", "101597055853991526194675455811417857718", "93828294207646954814359249228058060235", "314192041721966073168261941177443762860" ], "threshold": 0.9 }, "id": "CVE-2023-53139-1bf8dcf7" }, { "signature_version": "v1", "target": { "file": "drivers/nfc/fdp/i2c.c" }, "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ad11b872bc9b5d27e56183c6b01f9218c85395d2", "deprecated": false, "digest": { "line_hashes": [ "292189898658081540980890032320039449972", "301402624780761925014959022397425428411", "452598993420862892250842787412088183", "101597055853991526194675455811417857718", "93828294207646954814359249228058060235", "314192041721966073168261941177443762860" ], "threshold": 0.9 }, "id": "CVE-2023-53139-1fc667c8" }, { "signature_version": "v1", "target": { "file": "drivers/nfc/fdp/i2c.c" }, "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@11f180a5d62a51b484e9648f9b310e1bd50b1a57", "deprecated": false, "digest": { "line_hashes": [ "181420735290728086392997534477111531673", "248510354215420034077210432162205266801", "452598993420862892250842787412088183", "101597055853991526194675455811417857718", "93828294207646954814359249228058060235", "314192041721966073168261941177443762860" ], "threshold": 0.9 }, "id": "CVE-2023-53139-202c62ad" }, { "signature_version": "v1", "target": { "function": "fdp_nci_i2c_read_device_properties", "file": "drivers/nfc/fdp/i2c.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@11f180a5d62a51b484e9648f9b310e1bd50b1a57", "deprecated": false, "digest": { "length": 1011.0, "function_hash": "85678943671809162914677981521064319153" }, "id": "CVE-2023-53139-3c8ad76d" }, { "signature_version": "v1", "target": { "function": "fdp_nci_i2c_read_device_properties", "file": "drivers/nfc/fdp/i2c.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0a3664a1058d4b2b1ea2112cc275ca47fba7fc08", "deprecated": false, "digest": { "length": 1011.0, "function_hash": "85678943671809162914677981521064319153" }, "id": "CVE-2023-53139-5015e4e1" }, { "signature_version": "v1", "target": { "function": "fdp_nci_i2c_read_device_properties", "file": "drivers/nfc/fdp/i2c.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@27824b2f98818215adc9661e563252c48dab1a13", "deprecated": false, "digest": { "length": 1011.0, "function_hash": "85678943671809162914677981521064319153" }, "id": "CVE-2023-53139-51fb6f1e" }, { "signature_version": "v1", "target": { "file": "drivers/nfc/fdp/i2c.c" }, "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@80be62358fa5507cefbaa067c7e6648401f2c3da", "deprecated": false, "digest": { "line_hashes": [ "181420735290728086392997534477111531673", "248510354215420034077210432162205266801", "452598993420862892250842787412088183", "101597055853991526194675455811417857718", "93828294207646954814359249228058060235", "314192041721966073168261941177443762860" ], "threshold": 0.9 }, "id": "CVE-2023-53139-69e4a4af" }, { "signature_version": "v1", "target": { "function": "fdp_nci_i2c_read_device_properties", "file": "drivers/nfc/fdp/i2c.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@80be62358fa5507cefbaa067c7e6648401f2c3da", "deprecated": false, "digest": { "length": 1011.0, "function_hash": "85678943671809162914677981521064319153" }, "id": "CVE-2023-53139-7b2004e6" }, { "signature_version": "v1", "target": { "file": "drivers/nfc/fdp/i2c.c" }, "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@98f49e693e02c1dafd5786be3468657840dd6f06", "deprecated": false, "digest": { "line_hashes": [ "181420735290728086392997534477111531673", "248510354215420034077210432162205266801", "452598993420862892250842787412088183", "101597055853991526194675455811417857718", "93828294207646954814359249228058060235", "314192041721966073168261941177443762860" ], "threshold": 0.9 }, "id": "CVE-2023-53139-892cf2f6" }, { "signature_version": "v1", "target": { "function": "fdp_nci_i2c_read_device_properties", "file": "drivers/nfc/fdp/i2c.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ad11b872bc9b5d27e56183c6b01f9218c85395d2", "deprecated": false, "digest": { "length": 1011.0, "function_hash": "321793038403012084186008632875382427169" }, "id": "CVE-2023-53139-b8131a12" }, { "signature_version": "v1", "target": { "file": "drivers/nfc/fdp/i2c.c" }, "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@27824b2f98818215adc9661e563252c48dab1a13", "deprecated": false, "digest": { "line_hashes": [ "181420735290728086392997534477111531673", "248510354215420034077210432162205266801", "452598993420862892250842787412088183", "101597055853991526194675455811417857718", "93828294207646954814359249228058060235", "314192041721966073168261941177443762860" ], "threshold": 0.9 }, "id": "CVE-2023-53139-ba760b8e" }, { "signature_version": "v1", "target": { "function": "fdp_nci_i2c_read_device_properties", "file": "drivers/nfc/fdp/i2c.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@98f49e693e02c1dafd5786be3468657840dd6f06", "deprecated": false, "digest": { "length": 1011.0, "function_hash": "85678943671809162914677981521064319153" }, "id": "CVE-2023-53139-cb0ef1c0" }, { "signature_version": "v1", "target": { "file": "drivers/nfc/fdp/i2c.c" }, "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0a3664a1058d4b2b1ea2112cc275ca47fba7fc08", "deprecated": false, "digest": { "line_hashes": [ "181420735290728086392997534477111531673", "248510354215420034077210432162205266801", "452598993420862892250842787412088183", "101597055853991526194675455811417857718", "93828294207646954814359249228058060235", "314192041721966073168261941177443762860" ], "threshold": 0.9 }, "id": "CVE-2023-53139-e1c54475" } ] }