Description

In the Linux kernel, the following vulnerability has been resolved: riscv: kvm: Fix out-of-bounds array access In kvm_riscv_vcpu_sbi_init() the entry->ext_idx can contain an out-of-bound index. This is used as a special marker for the base extensions, that cannot be disabled. However, when traversing the extensions, that special marker is not checked prior indexing the array. Add an out-of-bounds check to the function.

INFO

Published Date :

2024-12-27T13:50:16.843Z

Last Modified :

2025-10-01T20:07:18.625Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2024-53228 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-53228.

URL Resource
https://git.kernel.org/stable/c/332fa4a802b16ccb727199da685294f85f9880cb cve-icon cve-icon
https://git.kernel.org/stable/c/3c49e1084a5df99807fc43dd318c491e6cbaa168 cve-icon cve-icon
https://git.kernel.org/stable/c/b1af648f0d610665c956ea4604d9f797e5c7e991 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2024122736-CVE-2024-53228-0c5f@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-53228 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-53228 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact