vulnerability

Red Hat: CVE-2023-52606: kernel: powerpc/lib: Validate size for vector operations (Multiple Advisories)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
6	(AV:L/AC:L/Au:S/C:C/I:N/A:C)	2024-03-06	2024-06-06	2025-03-10

Severity

CVSS

(AV:L/AC:L/Au:S/C:C/I:N/A:C)

Published

2024-03-06

Added

2024-06-06

Modified

2025-03-10

Description

In the Linux kernel, the following vulnerability has been resolved:

powerpc/lib: Validate size for vector operations

Some of the fp/vmx code in sstep.c assume a certain maximum size for the
instructions being emulated. The size of those operations however is
determined separately in analyse_instr().

Add a check to validate the assumption on the maximum size of the
operations, so as to prevent any unintended kernel stack corruption.

Solution(s)

redhat-upgrade-kernelredhat-upgrade-kernel-rt

References

NVD-CVE-2023-52606
REDHAT-RHSA-2024:3618
REDHAT-RHSA-2024:9315

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today