CVE-2023-52916

In the Linux kernel, the following vulnerability has been resolved: media: aspeed: Fix memory overwrite if timing is 1600x900 When capturing 1600x900, system could crash when system memory usage is tight. The way to reproduce this issue: 1. Use 1600x900 to display on host 2. Mount ISO through 'Virtual media' on OpenBMC's web 3. Run script as below on host to do sha continuously #!/bin/bash while [ [1] ]; do find /media -type f -printf '"%h/%f"\n' | xargs sha256sum done 4. Open KVM on OpenBMC's web The size of macro block captured is 8x8. Therefore, we should make sure the height of src-buf is 8 aligned to fix this issue.

CVSS v3 7.8 HIGH

7.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/4c823e4027dd1d6e88c31028dec13dd19bc7b02d	Patch
https://git.kernel.org/stable/c/c281355068bc258fd619c5aefd978595bede7bfe	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

History

26 Sep 2025, 18:50

Type	Values Removed	Values Added
CWE		CWE-787
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.8
CPE		cpe:2.3:o:linux:linux_kernel::::::::
References	~~() https://git.kernel.org/stable/c/4c823e4027dd1d6e88c31028dec13dd19bc7b02d -~~	() https://git.kernel.org/stable/c/4c823e4027dd1d6e88c31028dec13dd19bc7b02d - Patch
References	~~() https://git.kernel.org/stable/c/c281355068bc258fd619c5aefd978595bede7bfe -~~	() https://git.kernel.org/stable/c/c281355068bc258fd619c5aefd978595bede7bfe - Patch
First Time		Linux Linux linux Kernel

14 Dec 2024, 21:15

Type	Values Removed	Values Added
References		() https://git.kernel.org/stable/c/4c823e4027dd1d6e88c31028dec13dd19bc7b02d -

06 Sep 2024, 12:08

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-09-06 09:15

Updated : 2025-09-26 18:50

NVD link : CVE-2023-52916

Mitre link : CVE-2023-52916

CVE.ORG link : CVE-2023-52916

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-787

Out-of-bounds Write

{"id": "CVE-2023-52916", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2024-09-06T09:15:03.327", "references": [{"url": "https://git.kernel.org/stable/c/4c823e4027dd1d6e88c31028dec13dd19bc7b02d", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/c281355068bc258fd619c5aefd978595bede7bfe", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: aspeed: Fix memory overwrite if timing is 1600x900\n\nWhen capturing 1600x900, system could crash when system memory usage is\ntight.\n\nThe way to reproduce this issue:\n1. Use 1600x900 to display on host\n2. Mount ISO through 'Virtual media' on OpenBMC's web\n3. Run script as below on host to do sha continuously\n #!/bin/bash\n while [ [1] ];\n do\n\tfind /media -type f -printf '\"%h/%f\"\\n' | xargs sha256sum\n done\n4. Open KVM on OpenBMC's web\n\nThe size of macro block captured is 8x8. Therefore, we should make sure\nthe height of src-buf is 8 aligned to fix this issue."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: media: aspeed: corrige la sobrescritura de memoria si el tiempo es 1600x900 Al capturar 1600x900, el sistema podr\u00eda bloquearse cuando el uso de la memoria del sistema es ajustado. La forma de reproducir este problema: 1. Use 1600x900 para mostrar en el host 2. Monte ISO a trav\u00e9s de 'Medios virtuales' en la web de OpenBMC 3. Ejecute el script como se muestra a continuaci\u00f3n en el host para hacer sha continuamente #!/bin/bash while [ [1] ]; do find /media -type f -printf '\"%h/%f\"\\n' | xargs sha256sum done 4. Abra KVM en la web de OpenBMC El tama\u00f1o del bloque de macro capturado es 8x8. Por lo tanto, debemos asegurarnos de que la altura de src-buf est\u00e9 alineada con 8 para solucionar este problema."}], "lastModified": "2025-09-26T18:50:09.367", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "77F59407-FF9B-4DBC-A5C0-718D2C65872D", "versionEndExcluding": "6.1.120", "versionStartIncluding": "5.0"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6747FDB4-EF6B-4019-9232-82D90A3D6E73", "versionEndExcluding": "6.6", "versionStartIncluding": "6.2"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}