CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-53320

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix issues in mpi3mr_get_all_tgt_info() The function mpi3mr_get_all_tgt_info() has four issues: 1) It calculates valid entry length in alltgt_info assuming the header part of the struct mpi3mr_device_map_info would equal to sizeof(u32). The correct size is sizeof(u64). 2) When it calculates the valid entry length kern_entrylen, it excludes one entry by subtracting 1 from num_devices. 3) It copies num_device by calling memcpy(). Substitution is enough. 4) It does not specify the calculated length to sg_copy_from_buffer(). Instead, it specifies the payload length which is larger than the alltgt_info size. It causes "BUG: KASAN: slab-out-of-bounds". Fix the issues by using the correct header size, removing the subtraction from num_devices, replacing the memcpy() with substitution and specifying the correct length to sg_copy_from_buffer().

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 5.8%

CVSS Severity

CVSS v3 Score 7.8

References

Products affected by CVE-2023-53320

Linux » Linux Kernel » Version: 5.19

cpe:2.3:o:linux:linux_kernel:5.19
Linux » Linux Kernel » Version: 5.19.1

cpe:2.3:o:linux:linux_kernel:5.19.1
Linux » Linux Kernel » Version: 5.19.10

cpe:2.3:o:linux:linux_kernel:5.19.10
Linux » Linux Kernel » Version: 5.19.11

cpe:2.3:o:linux:linux_kernel:5.19.11
Linux » Linux Kernel » Version: 5.19.12

cpe:2.3:o:linux:linux_kernel:5.19.12
Linux » Linux Kernel » Version: 5.19.13

cpe:2.3:o:linux:linux_kernel:5.19.13
Linux » Linux Kernel » Version: 5.19.14

cpe:2.3:o:linux:linux_kernel:5.19.14
Linux » Linux Kernel » Version: 5.19.15

cpe:2.3:o:linux:linux_kernel:5.19.15
Linux » Linux Kernel » Version: 5.19.16

cpe:2.3:o:linux:linux_kernel:5.19.16
Linux » Linux Kernel » Version: 5.19.17

cpe:2.3:o:linux:linux_kernel:5.19.17
Linux » Linux Kernel » Version: 5.19.2

cpe:2.3:o:linux:linux_kernel:5.19.2
Linux » Linux Kernel » Version: 5.19.3

cpe:2.3:o:linux:linux_kernel:5.19.3
Linux » Linux Kernel » Version: 5.19.4

cpe:2.3:o:linux:linux_kernel:5.19.4
Linux » Linux Kernel » Version: 5.19.5

cpe:2.3:o:linux:linux_kernel:5.19.5
Linux » Linux Kernel » Version: 5.19.6

cpe:2.3:o:linux:linux_kernel:5.19.6
Linux » Linux Kernel » Version: 5.19.7

cpe:2.3:o:linux:linux_kernel:5.19.7
Linux » Linux Kernel » Version: 5.19.8

cpe:2.3:o:linux:linux_kernel:5.19.8
Linux » Linux Kernel » Version: 5.19.9

cpe:2.3:o:linux:linux_kernel:5.19.9
Linux » Linux Kernel » Version: 6.0

cpe:2.3:o:linux:linux_kernel:6.0
Linux » Linux Kernel » Version: 6.0.1

cpe:2.3:o:linux:linux_kernel:6.0.1
Linux » Linux Kernel » Version: 6.0.10

cpe:2.3:o:linux:linux_kernel:6.0.10
Linux » Linux Kernel » Version: 6.0.11

cpe:2.3:o:linux:linux_kernel:6.0.11
Linux » Linux Kernel » Version: 6.0.12

cpe:2.3:o:linux:linux_kernel:6.0.12
Linux » Linux Kernel » Version: 6.0.13

cpe:2.3:o:linux:linux_kernel:6.0.13
Linux » Linux Kernel » Version: 6.0.14

cpe:2.3:o:linux:linux_kernel:6.0.14
Linux » Linux Kernel » Version: 6.0.15

cpe:2.3:o:linux:linux_kernel:6.0.15
Linux » Linux Kernel » Version: 6.0.16

cpe:2.3:o:linux:linux_kernel:6.0.16
Linux » Linux Kernel » Version: 6.0.17

cpe:2.3:o:linux:linux_kernel:6.0.17
Linux » Linux Kernel » Version: 6.0.18

cpe:2.3:o:linux:linux_kernel:6.0.18
Linux » Linux Kernel » Version: 6.0.19

cpe:2.3:o:linux:linux_kernel:6.0.19
Linux » Linux Kernel » Version: 6.0.2

cpe:2.3:o:linux:linux_kernel:6.0.2
Linux » Linux Kernel » Version: 6.0.3

cpe:2.3:o:linux:linux_kernel:6.0.3
Linux » Linux Kernel » Version: 6.0.4

cpe:2.3:o:linux:linux_kernel:6.0.4
Linux » Linux Kernel » Version: 6.0.5

cpe:2.3:o:linux:linux_kernel:6.0.5
Linux » Linux Kernel » Version: 6.0.6

cpe:2.3:o:linux:linux_kernel:6.0.6
Linux » Linux Kernel » Version: 6.0.7

cpe:2.3:o:linux:linux_kernel:6.0.7
Linux » Linux Kernel » Version: 6.0.8

cpe:2.3:o:linux:linux_kernel:6.0.8
Linux » Linux Kernel » Version: 6.0.9

cpe:2.3:o:linux:linux_kernel:6.0.9
Linux » Linux Kernel » Version: 6.1

cpe:2.3:o:linux:linux_kernel:6.1
Linux » Linux Kernel » Version: 6.1.0

cpe:2.3:o:linux:linux_kernel:6.1.0
Linux » Linux Kernel » Version: 6.1.1

cpe:2.3:o:linux:linux_kernel:6.1.1
Linux » Linux Kernel » Version: 6.1.10

cpe:2.3:o:linux:linux_kernel:6.1.10
Linux » Linux Kernel » Version: 6.1.11

cpe:2.3:o:linux:linux_kernel:6.1.11
Linux » Linux Kernel » Version: 6.1.12

cpe:2.3:o:linux:linux_kernel:6.1.12
Linux » Linux Kernel » Version: 6.1.13

cpe:2.3:o:linux:linux_kernel:6.1.13
Linux » Linux Kernel » Version: 6.1.14

cpe:2.3:o:linux:linux_kernel:6.1.14
Linux » Linux Kernel » Version: 6.1.15

cpe:2.3:o:linux:linux_kernel:6.1.15
Linux » Linux Kernel » Version: 6.1.2

cpe:2.3:o:linux:linux_kernel:6.1.2
Linux » Linux Kernel » Version: 6.1.3

cpe:2.3:o:linux:linux_kernel:6.1.3
Linux » Linux Kernel » Version: 6.1.4

cpe:2.3:o:linux:linux_kernel:6.1.4
Linux » Linux Kernel » Version: 6.1.5

cpe:2.3:o:linux:linux_kernel:6.1.5
Linux » Linux Kernel » Version: 6.1.6

cpe:2.3:o:linux:linux_kernel:6.1.6
Linux » Linux Kernel » Version: 6.1.7

cpe:2.3:o:linux:linux_kernel:6.1.7
Linux » Linux Kernel » Version: 6.1.8

cpe:2.3:o:linux:linux_kernel:6.1.8
Linux » Linux Kernel » Version: 6.1.9

cpe:2.3:o:linux:linux_kernel:6.1.9
Linux » Linux Kernel » Version: 6.2

cpe:2.3:o:linux:linux_kernel:6.2
Linux » Linux Kernel » Version: 6.2.0

cpe:2.3:o:linux:linux_kernel:6.2.0
Linux » Linux Kernel » Version: 6.2.1

cpe:2.3:o:linux:linux_kernel:6.2.1
Linux » Linux Kernel » Version: 6.2.2

cpe:2.3:o:linux:linux_kernel:6.2.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-53320

Products

Pricing

Contact Us