Integer Overflow in Linux Kernel's iwlwifi Driver Affecting Specific Versions
CVE-2023-53524
What is CVE-2023-53524?
An integer overflow has been identified in the iwl_write_to_user_buf() function within the iwlwifi driver of the Linux kernel. This occurs when the function, called by iwl_dbgfs_monitor_data_read(), receives a SIZE_MAX value for the count parameter. The result is a negative value for buf_size_left, which can lead to unintended behavior in memory operations, specifically a potential heap overflow. However, it is important to note that this is classified under debugfs operations, which are typically assigned 0400 permissions, limiting its impact in practical scenarios.
Affected Version(s)
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 0ad8dd870aa187d0c21d032bb2c6433559075eec
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 059e426d666a41e26b184c177c1ca3ee2d6fa1b6
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 82f877ec9b041edc4c7c509c605cc3393d837bf0