CVE-2023-52819

drm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga

Description

In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga For pptable structs that use flexible array sizes, use flexible arrays.

Category

6.6
CVSS
Severity: Medium
CVSS 3.1 •
EPSS 0.07%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/60a00dfc7c5deafd1dd393beaf53224f7256dad6 patch
https://git.kernel.org/stable/c/a63fd579e7b1c3a9ebd6e6c494d49b1b6cf5515e patch
https://git.kernel.org/stable/c/d50a56749e5afdc63491b88f5153c1aae00d4679 patch
https://git.kernel.org/stable/c/8c1dbddbfcb051e82cea0c197c620f9dcdc38e92 patch
https://git.kernel.org/stable/c/a237675aa1e62bbfaa341c535331c8656a508fa1 patch
https://git.kernel.org/stable/c/d0725232da777840703f5f1e22f2e3081d712aa4 patch
https://git.kernel.org/stable/c/7c68283f3166221af3df5791f0e13d3137a72216 patch
https://git.kernel.org/stable/c/b3b8b7c040cf069da7afe11c5bd73b870b8f3d18 patch
https://git.kernel.org/stable/c/0f0e59075b5c22f1e871fbd508d6e4f495048356 patch

Frequently Asked Questions

What is the severity of CVE-2023-52819?
CVE-2023-52819 has been scored as a medium severity vulnerability.
How to fix CVE-2023-52819?
To fix CVE-2023-52819, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2023-52819 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2023-52819 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2023-52819?
CVE-2023-52819 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.