CVE-2024-53228

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-53228
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-53228.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-53228
Downstream
Related
Published
2024-12-27T13:50:16.843Z
Modified
2025-11-20T07:07:03.884839Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
riscv: kvm: Fix out-of-bounds array access
Details

In the Linux kernel, the following vulnerability has been resolved:

riscv: kvm: Fix out-of-bounds array access

In kvmriscvvcpusbiinit() the entry->ext_idx can contain an out-of-bound index. This is used as a special marker for the base extensions, that cannot be disabled. However, when traversing the extensions, that special marker is not checked prior indexing the array.

Add an out-of-bounds check to the function.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
56d8a385b60556019ecb45d6098830c9ef6a13e0
Fixed
3c49e1084a5df99807fc43dd318c491e6cbaa168
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
56d8a385b60556019ecb45d6098830c9ef6a13e0
Fixed
b1af648f0d610665c956ea4604d9f797e5c7e991
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
56d8a385b60556019ecb45d6098830c9ef6a13e0
Fixed
332fa4a802b16ccb727199da685294f85f9880cb

Affected versions

v6.*

v6.10
v6.10-rc1
v6.10-rc2
v6.10-rc3
v6.10-rc4
v6.10-rc5
v6.10-rc6
v6.10-rc7
v6.11
v6.11-rc1
v6.11-rc2
v6.11-rc3
v6.11-rc4
v6.11-rc5
v6.11-rc6
v6.11-rc7
v6.11.1
v6.11.10
v6.11.2
v6.11.3
v6.11.4
v6.11.5
v6.11.6
v6.11.7
v6.11.8
v6.11.9
v6.12
v6.12-rc1
v6.12-rc2
v6.12-rc3
v6.12-rc4
v6.12-rc5
v6.12-rc6
v6.12-rc7
v6.12.1
v6.6
v6.6-rc6
v6.6-rc7
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
v6.9-rc7

Database specific

vanir_signatures

[
    {
        "signature_type": "Function",
        "deprecated": false,
        "target": {
            "file": "arch/riscv/kvm/vcpu_sbi.c",
            "function": "kvm_riscv_vcpu_sbi_init"
        },
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3c49e1084a5df99807fc43dd318c491e6cbaa168",
        "digest": {
            "length": 518.0,
            "function_hash": "322321468073605418275030753062715128821"
        },
        "id": "CVE-2024-53228-6c0f02ed"
    },
    {
        "signature_type": "Line",
        "deprecated": false,
        "target": {
            "file": "arch/riscv/kvm/vcpu_sbi.c"
        },
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@332fa4a802b16ccb727199da685294f85f9880cb",
        "digest": {
            "line_hashes": [
                "166513889070146691249761306511205658849",
                "289136900531474267430378744597390923890",
                "67397855268695477924039642369770770338",
                "15430766875529091517127996189663030873",
                "38597536066512356974618972796661256796",
                "308613670487243315440974493275885286128",
                "69877086596939596452753195159771827254",
                "220881361823384848644788229438502922169",
                "201105516025701408582252398410642616653",
                "285440976747995740851049189616880751327",
                "294869216149707239756563620021178085855",
                "261782493527620633789295987137770823464",
                "57705152614791030566766848337628134764"
            ],
            "threshold": 0.9
        },
        "id": "CVE-2024-53228-8656e838"
    },
    {
        "signature_type": "Function",
        "deprecated": false,
        "target": {
            "file": "arch/riscv/kvm/vcpu_sbi.c",
            "function": "kvm_riscv_vcpu_sbi_init"
        },
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@332fa4a802b16ccb727199da685294f85f9880cb",
        "digest": {
            "length": 518.0,
            "function_hash": "322321468073605418275030753062715128821"
        },
        "id": "CVE-2024-53228-adbf8456"
    },
    {
        "signature_type": "Line",
        "deprecated": false,
        "target": {
            "file": "arch/riscv/kvm/vcpu_sbi.c"
        },
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3c49e1084a5df99807fc43dd318c491e6cbaa168",
        "digest": {
            "line_hashes": [
                "166513889070146691249761306511205658849",
                "289136900531474267430378744597390923890",
                "67397855268695477924039642369770770338",
                "15430766875529091517127996189663030873",
                "38597536066512356974618972796661256796",
                "308613670487243315440974493275885286128",
                "69877086596939596452753195159771827254",
                "220881361823384848644788229438502922169",
                "201105516025701408582252398410642616653",
                "285440976747995740851049189616880751327",
                "294869216149707239756563620021178085855",
                "261782493527620633789295987137770823464",
                "57705152614791030566766848337628134764"
            ],
            "threshold": 0.9
        },
        "id": "CVE-2024-53228-d38a0f32"
    },
    {
        "signature_type": "Line",
        "deprecated": false,
        "target": {
            "file": "arch/riscv/kvm/vcpu_sbi.c"
        },
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b1af648f0d610665c956ea4604d9f797e5c7e991",
        "digest": {
            "line_hashes": [
                "166513889070146691249761306511205658849",
                "289136900531474267430378744597390923890",
                "67397855268695477924039642369770770338",
                "15430766875529091517127996189663030873",
                "38597536066512356974618972796661256796",
                "308613670487243315440974493275885286128",
                "69877086596939596452753195159771827254",
                "220881361823384848644788229438502922169",
                "201105516025701408582252398410642616653",
                "285440976747995740851049189616880751327",
                "294869216149707239756563620021178085855",
                "261782493527620633789295987137770823464",
                "57705152614791030566766848337628134764"
            ],
            "threshold": 0.9
        },
        "id": "CVE-2024-53228-f7464419"
    },
    {
        "signature_type": "Function",
        "deprecated": false,
        "target": {
            "file": "arch/riscv/kvm/vcpu_sbi.c",
            "function": "kvm_riscv_vcpu_sbi_init"
        },
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b1af648f0d610665c956ea4604d9f797e5c7e991",
        "digest": {
            "length": 518.0,
            "function_hash": "322321468073605418275030753062715128821"
        },
        "id": "CVE-2024-53228-ff75c125"
    }
]

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.11.11
Type
ECOSYSTEM
Events
Introduced
6.12.0
Fixed
6.12.2