What is the severity of CVE-2023-52835?

CVE-2023-52835 is considered a medium severity vulnerability affecting the Linux kernel.

How do I fix CVE-2023-52835?

To resolve CVE-2023-52835, update the kernel to versions 4.19.300, 5.4.262, 5.10.202, 5.15.140, 6.1.64, 6.5.13, 6.6.3, or 6.7.

What systems are affected by CVE-2023-52835?

CVE-2023-52835 affects a range of Linux kernel versions as well as IBM Security Verify Governance products up to ISVG 10.0.2.

Is CVE-2023-52835 a local or remote vulnerability?

CVE-2023-52835 is a local vulnerability that requires local access to exploit.

What are the potential impacts of exploiting CVE-2023-52835?

Exploiting CVE-2023-52835 can lead to a denial of service condition in affected systems.

Vulnerability/
CVE-2023-52835

medium

21/5/2024

9/4/2025

CVE-2023-52835: perf/core: Bail out early if the request AUX area is out of bound

First published: Tue May 21 2024(Updated: )

In the Linux kernel, the following vulnerability has been resolved: perf/core: Bail out early if the request AUX area is out of bound The Linux kernel CVE team has assigned <a href="https://access.redhat.com/security/cve/CVE-2023-52835">CVE-2023-52835</a> to this issue. Upstream advisory: <a href="https://lore.kernel.org/linux-cve-announce/2024052109-CVE-2023-52835-80ee@gregkh/T">https://lore.kernel.org/linux-cve-announce/2024052109-CVE-2023-52835-80ee@gregkh/T</a>

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected Software	Affected Version	How to fix
redhat/kernel	<4.19.300	4.19.300
redhat/kernel	<5.4.262	5.4.262
redhat/kernel	<5.10.202	5.10.202
redhat/kernel	<5.15.140	5.15.140
redhat/kernel	<6.1.64	6.1.64
redhat/kernel	<6.5.13	6.5.13
redhat/kernel	<6.6.3	6.6.3
redhat/kernel	<6.7	6.7
IBM Security Verify Governance - Identity Manager	<=ISVG 10.0.2
IBM Security Verify Governance, Identity Manager Software Stack	<=ISVG 10.0.2
IBM Security Verify Governance, Identity Manager Virtual Appliance	<=ISVG 10.0.2
IBM Security Verify Governance Identity Manager Container	<=ISVG 10.0.2

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

IBM-7230443

Frequently Asked Questions

What is the severity of CVE-2023-52835?
CVE-2023-52835 is considered a medium severity vulnerability affecting the Linux kernel.
How do I fix CVE-2023-52835?
To resolve CVE-2023-52835, update the kernel to versions 4.19.300, 5.4.262, 5.10.202, 5.15.140, 6.1.64, 6.5.13, 6.6.3, or 6.7.
What systems are affected by CVE-2023-52835?
CVE-2023-52835 affects a range of Linux kernel versions as well as IBM Security Verify Governance products up to ISVG 10.0.2.
Is CVE-2023-52835 a local or remote vulnerability?
CVE-2023-52835 is a local vulnerability that requires local access to exploit.
What are the potential impacts of exploiting CVE-2023-52835?
Exploiting CVE-2023-52835 can lead to a denial of service condition in affected systems.

agent/title
agent/first-publish-date
agent/type
collector/nvd-api
source/NVD
agent/author
agent/severity
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2023-52835
agent/software-canonical-lookup
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/references
agent/source
agent/softwarecombine
agent/description
agent/tags
agent/event
collector/ibm-support
source/IBM
agent/software-canonical-lookup-request
package-manager/redhat
vendor/ibm
canonical/ibm security verify governance - identity manager
version/ibm security verify governance - identity manager/isvg 10.0.2
canonical/ibm security verify governance, identity manager software stack
version/ibm security verify governance, identity manager software stack/isvg 10.0.2
canonical/ibm security verify governance, identity manager virtual appliance
version/ibm security verify governance, identity manager virtual appliance/isvg 10.0.2
canonical/ibm security verify governance identity manager container
version/ibm security verify governance identity manager container/isvg 10.0.2