CVE-2023-52461

Public on 2024-02-23
Modified on 2024-04-26
Description
In the Linux kernel, the following vulnerability has been resolved:

drm/sched: Fix bounds limiting when given a malformed entity

If we're given a malformed entity in drm_sched_entity_init()--shouldn't
happen, but we verify--with out-of-bounds priority value, we set it to an
allowed value. Fix the expression which sets this limit.
Severity
Medium severity
Medium
See what this means
CVSS v3 Base Score
5.5
See breakdown

Affected Packages

Platform Package Release Date Advisory Status
Amazon Linux 1 kernel No Fix Planned
Amazon Linux 2 - Core kernel Not Affected
Amazon Linux 2 - Kernel-5.10 Extra kernel Not Affected
Amazon Linux 2 - Kernel-5.15 Extra kernel Not Affected
Amazon Linux 2 - Kernel-5.4 Extra kernel Not Affected
Amazon Linux 2023 kernel Not Affected

CVSS Scores

Score Type Score Vector
Amazon Linux CVSSv3 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
NVD CVSSv3 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

References

FAQs regarding Amazon Linux ALAS/CVE Severity Red Hat: CVE-2023-52461 Mitre: CVE-2023-52461