CVE-2023-52464: EDAC/thunderx: Fix possible out-of-bounds string access
First published: Fri Feb 23 2024(Updated: )
Enabling -Wstringop-overflow globally exposes a warning for a common bug in the usage of strncat(): drivers/edac/thunderx_edac.c: In function 'thunderx_ocx_com_threaded_isr': drivers/edac/thunderx_edac.c:1136:17: error: 'strncat' specified bound 1024 equals destination size [-Werror=stringop-overflow=] 1136 | strncat(msg, other, OCX_MESSAGE_SIZE); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ... 1145 | strncat(msg, other, OCX_MESSAGE_SIZE); ... 1150 | strncat(msg, other, OCX_MESSAGE_SIZE); ... Apparently the author of this driver expected strncat() to behave the way that strlcat() does, which uses the size of the destination buffer as its third argument rather than the length of the source buffer. The result is that there is no check on the size of the allocated buffer. Change it to strlcat(). [ bp: Trim compiler output, fixup commit message. ]
Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 416baaa9-dc9f-4396-8d5f-8c081fb06d67
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/kernel | <6.8 | 6.8 |
| Linux Kernel | >=4.12.0<4.19.306 | |
| Linux Kernel | >=4.20.0<5.4.268 | |
| Linux Kernel | >=5.5.0<5.10.209 | |
| Linux Kernel | >=5.11.0<5.15.148 | |
| Linux Kernel | >=5.16.0<6.1.75 | |
| Linux Kernel | >=6.2.0<6.6.14 | |
| Linux Kernel | >=6.7.0<6.7.2 | |
| IBM Security Verify Governance - Identity Manager | <=ISVG 10.0.2 | |
| IBM Security Verify Governance, Identity Manager Software Stack | <=ISVG 10.0.2 | |
| IBM Security Verify Governance, Identity Manager Virtual Appliance | <=ISVG 10.0.2 | |
| IBM Security Verify Governance Identity Manager Container | <=ISVG 10.0.2 | |
| debian/linux | 5.10.223-1 5.10.234-1 6.1.129-1 6.1.128-1 6.12.21-1 6.12.22-1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://git.kernel.org/stable/c/426fae93c01dffa379225eb2bd4d3cdc42c6eec5
- https://git.kernel.org/stable/c/475c58e1a471e9b873e3e39958c64a2d278275c8
- https://git.kernel.org/stable/c/5da3b6e7196f0b4f3728e4e25eb20233a9ddfaf6
- https://git.kernel.org/stable/c/6aa7865ba7ff7f0ede0035180fb3b9400ceb405a
- https://git.kernel.org/stable/c/700cf4bead80fac994dcc43ae1ca5d86d8959b21
- https://git.kernel.org/stable/c/71c17ee02538802ceafc830f0736aa35b564e601
- https://git.kernel.org/stable/c/9dbac9fdae6e3b411fc4c3fca3bf48f70609c398
- https://git.kernel.org/stable/c/e1c86511241588efffaa49556196f09a498d5057
- https://launchpad.net/bugs/cve/CVE-2023-52464
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2265812
- https://lore.kernel.org/linux-cve-announce/2024022336-CVE-2023-52464-b17c@gregkh/T/#u
- https://access.redhat.com/security/cve/CVE-2023-52464
- https://access.redhat.com/errata/RHSA-2024:4211
- https://access.redhat.com/errata/RHSA-2024:4352
- https://access.redhat.com/errata/RHSA-2024:9315
- https://bugzilla.redhat.com/show_bug.cgi?id=2265800
- https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52464
- https://nvd.nist.gov/vuln/detail/CVE-2023-52464
- https://security-tracker.debian.org/tracker/CVE-2023-52464
- https://ubuntu.com/security/CVE-2023-52464
- https://git.kernel.org/linus/475c58e1a471e9b873e3e39958c64a2d278275c8
- https://www.ibm.com/support/pages/node/7230443 (Advisory)
Frequently Asked Questions
What is the severity of CVE-2023-52464?
CVE-2023-52464 has been categorized as a moderate severity vulnerability affecting specific versions of the Linux kernel.
How do I fix CVE-2023-52464?
To fix CVE-2023-52464, update your Linux kernel to a version that addresses this vulnerability, such as those provided by Debian and Red Hat.
What versions of Linux are affected by CVE-2023-52464?
CVE-2023-52464 affects multiple versions of the Linux kernel between 4.12.0 and 6.8.
What is the impact of CVE-2023-52464?
The impact of CVE-2023-52464 relates to potential string overflow issues that could lead to unexpected behavior or crashes.
Is there a patch available for CVE-2023-52464?
Yes, patches for CVE-2023-52464 are included in newer releases of the Linux kernel that users can apply.
- agent/title
- agent/type
- collector/launchpad-cve
- source/Launchpad
- agent/author
- agent/first-publish-date
- agent/weakness
- agent/severity
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2023-52464
- agent/software-canonical-lookup
- collector/mitre-cve
- source/MITRE
- agent/remedy
- agent/trending
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup-request
- collector/nvd-cve
- collector/usn-cve
- source/Ubuntu
- agent/description
- collector/security-tracker-debian
- source/Debian
- agent/last-modified-date
- agent/references
- agent/source
- agent/softwarecombine
- agent/tags
- agent/event
- collector/ibm-support
- source/IBM
- package-manager/redhat
- vendor/linux
- canonical/linux kernel
- version/linux kernel/4.12.0
- version/linux kernel/4.20.0
- version/linux kernel/5.5.0
- version/linux kernel/5.11.0
- version/linux kernel/5.16.0
- version/linux kernel/6.2.0
- version/linux kernel/6.7.0
- package-manager/debian
- vendor/ibm
- canonical/ibm security verify governance - identity manager
- version/ibm security verify governance - identity manager/isvg 10.0.2
- canonical/ibm security verify governance, identity manager software stack
- version/ibm security verify governance, identity manager software stack/isvg 10.0.2
- canonical/ibm security verify governance, identity manager virtual appliance
- version/ibm security verify governance, identity manager virtual appliance/isvg 10.0.2
- canonical/ibm security verify governance identity manager container
- version/ibm security verify governance identity manager container/isvg 10.0.2