Buffer overflow in Linux kernel - CVE-2023-52867
Published: June 8, 2024 / Updated: May 13, 2025
Vulnerability identifier: #VU91308
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2023-52867
CWE-ID: CWE-119
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Linux Foundation
Affected software:
Linux kernel
Linux kernel
Detailed vulnerability description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the drivers/gpu/drm/radeon/evergreen.c. A local user can escalate privileges on the system.
How to mitigate CVE-2023-52867
Install update from vendor's website.
Sources
- https://git.kernel.org/stable/c/112d4b02d94bf9fa4f1d3376587878400dd74783
- https://git.kernel.org/stable/c/caaa74541459c4c9e2c10046cf66ad2890483d0f
- https://git.kernel.org/stable/c/ddc42881f170f1f518496f5a70447501335fc783
- https://git.kernel.org/stable/c/7b063c93bece827fde237fae1c101bceeee4e896
- https://git.kernel.org/stable/c/347f025a02b3a5d715a0b471fc3b1439c338ad94
- https://git.kernel.org/stable/c/341e79f8aec6af6b0061b8171d77b085835c6a58
- https://git.kernel.org/stable/c/d9b4fa249deaae1145d6fc2b64dae718e5c7a855
- https://git.kernel.org/stable/c/19534a7a225f1bf2da70a9a90d41d0215f8f6b45
- https://git.kernel.org/stable/c/dd05484f99d16715a88eedfca363828ef9a4c2d4
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.330
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.299
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.201
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.139
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.261
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.63
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.5.12
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.2
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.7