An out-of-bounds write vulnerability was found in the Linux kernel's SLIMpro I2C device driver. The userspace "data->block[0]" variable was not capped to a number between 0-255 and was used as the size of a memcpy, possibly writing beyond the end of dma_buffer. This flaw could allow a local privileged user to crash the system or potentially achieve code execution.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2023-04-20T00:00:00

Updated: 2024-08-02T06:12:20.649Z

Reserved: 2023-04-20T00:00:00

Link: CVE-2023-2194

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-04-20T21:15:09.047

Modified: 2024-11-21T07:58:07.260

Link: CVE-2023-2194

cve-icon Redhat

Severity : Moderate

Publid Date: 2023-03-16T00:00:00Z

Links: CVE-2023-2194 - Bugzilla