CVE-2023-52818

drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7

Description

In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 For pptable structs that use flexible array sizes, use flexible arrays.

Category

7.8
CVSS
Severity: High
CVSS 3.1 •
EPSS 0.07%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/e52e324a21341c97350d5f11de14721c1c609498 patch
https://git.kernel.org/stable/c/cfd8cd907fd94538561479a43aea455f5cf16928 patch
https://git.kernel.org/stable/c/c847379a5d00078ad6fcb1c24230e72c5609342f patch
https://git.kernel.org/stable/c/8af28ae3acb736ada4ce3457662fa446cc913bb4 patch
https://git.kernel.org/stable/c/acdb6830de02cf2873aeaccdf2d9bca4aee50e47 patch
https://git.kernel.org/stable/c/fc9ac0e8e0bcb3740c6eaad3a1a50c20016d422b patch
https://git.kernel.org/stable/c/6dffdddfca818c02a42b6caa1d9845995f0a1f94 patch
https://git.kernel.org/stable/c/92a775e7c9707aed28782bafe636bf87675f5a97 patch
https://git.kernel.org/stable/c/760efbca74a405dc439a013a5efaa9fadc95a8c3 patch

Frequently Asked Questions

What is the severity of CVE-2023-52818?
CVE-2023-52818 has been scored as a high severity vulnerability.
How to fix CVE-2023-52818?
To fix CVE-2023-52818, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2023-52818 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2023-52818 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2023-52818?
CVE-2023-52818 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.