Out-of-Bounds Access Vulnerability in Linux Kernel Affects IRQ Management
CVE-2023-53768
What is CVE-2023-53768?
The vulnerability involves an out-of-bounds access issue within the Linux kernel during the allocation of configuration buffers for IRQ type registers. Specifically, the function regmap_add_irq_chip_fwnode() incorrectly allocates memory for a 2D array, leading to potential memory corruption when the number of configuration registers exceeds the configured bases. This flaw can result in crashes and instability on affected devices. The issue has been addressed by refining the memory allocation logic to ensure that it correctly allocates memory for each row in the matrix, thereby preventing invalid memory access.
Affected Version(s)
Linux faa87ce9196dbb074d75bd4aecb8bacf18f19b4e
Linux faa87ce9196dbb074d75bd4aecb8bacf18f19b4e < 6e7b2337ecd028bd888a1a0be4115b8a88faf838
Linux faa87ce9196dbb074d75bd4aecb8bacf18f19b4e < 963b54df82b6d6206d7def273390bf3f7af558e1