发布于3月6日3月6日 Members Ubuntu: (CVE-2023-52829): linux-nvidia-6.5 vulnerability Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/21/2024 Created 11/21/2024 Added 11/19/2024 Modified 11/19/2024 Description In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix possible out-of-bound write in ath12k_wmi_ext_hal_reg_caps() reg_cap.phy_id is extracted from WMI event and could be an unexpected value in case some errors happen. As a result out-of-bound write may occur to soc->hal_reg_cap. Fix it by validating reg_cap.phy_id before using it. This is found during code review. Compile tested only. Solution(s) ubuntu-upgrade-linux-nvidia-6-5 References https://attackerkb.com/topics/cve-2023-52829 CVE - 2023-52829 https://git.kernel.org/linus/b302dce3d9edea5b93d1902a541684a967f3c63c https://git.kernel.org/stable/c/4dd0547e8b45faf6f95373be5436b66cde326c0e https://git.kernel.org/stable/c/b302dce3d9edea5b93d1902a541684a967f3c63c https://git.kernel.org/stable/c/dfe13eaab043130f90dd3d57c7d88577c04adc97 https://www.cve.org/CVERecord?id=CVE-2023-52829
