cve-2023-52764
Vulnerability from cvelistv5
Published
2024-05-21 15:30
Modified
2024-11-04 14:52
Severity ?
Summary
media: gspca: cpia1: shift-out-of-bounds in set_flicker
Impacted products
Vendor Product Version
Linux Linux


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.774Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/69bba62600bd91d6b7c1e8ca181faf8ac64f7060"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2eee8edfff90e22980a6b22079d238c3c9d323bb"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8f83c85ee88225319c52680792320c02158c2a9b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c6b6b8692218da73b33b310d7c1df90f115bdd9a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/09cd8b561aa9796903710a1046957f2b112c8f26"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a647f27a7426d2fe1b40da7c8fa2b81354a51177"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/93bddd6529f187f510eec759f37d0569243c9809"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e2d7149b913d14352c82624e723ce1c211ca06d3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/099be1822d1f095433f4b08af9cc9d6308ec1953"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52764",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:37:06.356182Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:33:31.755Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/media/usb/gspca/cpia1.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "69bba62600bd",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "2eee8edfff90",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "8f83c85ee882",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "c6b6b8692218",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "09cd8b561aa9",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "a647f27a7426",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "93bddd6529f1",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "e2d7149b913d",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "099be1822d1f",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/media/usb/gspca/cpia1.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.331",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.300",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.262",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.202",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.140",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: gspca: cpia1: shift-out-of-bounds in set_flicker\n\nSyzkaller reported the following issue:\nUBSAN: shift-out-of-bounds in drivers/media/usb/gspca/cpia1.c:1031:27\nshift exponent 245 is too large for 32-bit type \u0027int\u0027\n\nWhen the value of the variable \"sd-\u003eparams.exposure.gain\" exceeds the\nnumber of bits in an integer, a shift-out-of-bounds error is reported. It\nis triggered because the variable \"currentexp\" cannot be left-shifted by\nmore than the number of bits in an integer. In order to avoid invalid\nrange during left-shift, the conditional expression is added."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:52:14.544Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/69bba62600bd91d6b7c1e8ca181faf8ac64f7060"
        },
        {
          "url": "https://git.kernel.org/stable/c/2eee8edfff90e22980a6b22079d238c3c9d323bb"
        },
        {
          "url": "https://git.kernel.org/stable/c/8f83c85ee88225319c52680792320c02158c2a9b"
        },
        {
          "url": "https://git.kernel.org/stable/c/c6b6b8692218da73b33b310d7c1df90f115bdd9a"
        },
        {
          "url": "https://git.kernel.org/stable/c/09cd8b561aa9796903710a1046957f2b112c8f26"
        },
        {
          "url": "https://git.kernel.org/stable/c/a647f27a7426d2fe1b40da7c8fa2b81354a51177"
        },
        {
          "url": "https://git.kernel.org/stable/c/93bddd6529f187f510eec759f37d0569243c9809"
        },
        {
          "url": "https://git.kernel.org/stable/c/e2d7149b913d14352c82624e723ce1c211ca06d3"
        },
        {
          "url": "https://git.kernel.org/stable/c/099be1822d1f095433f4b08af9cc9d6308ec1953"
        }
      ],
      "title": "media: gspca: cpia1: shift-out-of-bounds in set_flicker",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52764",
    "datePublished": "2024-05-21T15:30:49.032Z",
    "dateReserved": "2024-05-21T15:19:24.238Z",
    "dateUpdated": "2024-11-04T14:52:14.544Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-52764\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-05-21T16:15:15.700\",\"lastModified\":\"2024-05-21T16:53:56.550\",\"vulnStatus\":\"Awaiting Analysis\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nmedia: gspca: cpia1: shift-out-of-bounds in set_flicker\\n\\nSyzkaller reported the following issue:\\nUBSAN: shift-out-of-bounds in drivers/media/usb/gspca/cpia1.c:1031:27\\nshift exponent 245 is too large for 32-bit type \u0027int\u0027\\n\\nWhen the value of the variable \\\"sd-\u003eparams.exposure.gain\\\" exceeds the\\nnumber of bits in an integer, a shift-out-of-bounds error is reported. It\\nis triggered because the variable \\\"currentexp\\\" cannot be left-shifted by\\nmore than the number of bits in an integer. In order to avoid invalid\\nrange during left-shift, the conditional expression is added.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: media: gspca: cpia1: desplazamiento fuera de los l\u00edmites en set_flicker. Syzkaller inform\u00f3 el siguiente problema: UBSAN: desplazamiento fuera de los l\u00edmites en drivers/media/usb/gspca /cpia1.c:1031:27 el exponente de desplazamiento 245 es demasiado grande para el tipo \u0027int\u0027 de 32 bits. Cuando el valor de la variable \\\"sd-\u0026gt;params.exposure.gain\\\" excede el n\u00famero de bits en un n\u00famero entero, se realiza un desplazamiento. Se informa un error fuera de los l\u00edmites. Se activa porque la variable \\\"currentexp\\\" no puede desplazarse hacia la izquierda m\u00e1s que el n\u00famero de bits de un n\u00famero entero. 
Para evitar un rango no v\u00e1lido durante el desplazamiento a la izquierda, se agrega la expresi\u00f3n condicional.\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/099be1822d1f095433f4b08af9cc9d6308ec1953\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/09cd8b561aa9796903710a1046957f2b112c8f26\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/2eee8edfff90e22980a6b22079d238c3c9d323bb\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/69bba62600bd91d6b7c1e8ca181faf8ac64f7060\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/8f83c85ee88225319c52680792320c02158c2a9b\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/93bddd6529f187f510eec759f37d0569243c9809\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/a647f27a7426d2fe1b40da7c8fa2b81354a51177\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/c6b6b8692218da73b33b310d7c1df90f115bdd9a\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/e2d7149b913d14352c82624e723ce1c211ca06d3\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
  }
}



Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.