{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-57983", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-02-27T02:04:28.913Z", "datePublished": "2025-02-27T02:07:08.774Z", "dateUpdated": "2025-03-24T15:37:29.432Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-03-24T15:37:29.432Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmailbox: th1520: Fix memory corruption due to incorrect array size\n\nThe functions th1520_mbox_suspend_noirq and th1520_mbox_resume_noirq are\nintended to save and restore the interrupt mask registers in the MBOX\nICU0. However, the array used to store these registers was incorrectly\nsized, leading to memory corruption when accessing all four registers.\n\nThis commit corrects the array size to accommodate all four interrupt\nmask registers, preventing memory corruption during suspend and resume\noperations."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/mailbox/mailbox-th1520.c"], "versions": [{"version": "5d4d263e1c6b6b18acb4d67fd3b9af71b7404924", "lessThan": "2cd12c7fba59f30369e8647a2b726c7280903304", "status": "affected", "versionType": "git"}, {"version": "5d4d263e1c6b6b18acb4d67fd3b9af71b7404924", "lessThan": "db049866943a38bf46a34fa120d526663339d7a5", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/mailbox/mailbox-th1520.c"], "versions": [{"version": "6.13", "status": "affected"}, {"version": "0", "lessThan": "6.13", "status": "unaffected", "versionType": "semver"}, {"version": "6.13.2", "lessThanOrEqual": "6.13.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.14", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/2cd12c7fba59f30369e8647a2b726c7280903304"}, {"url": "https://git.kernel.org/stable/c/db049866943a38bf46a34fa120d526663339d7a5"}], "title": "mailbox: th1520: Fix memory corruption due to incorrect array size", "x_generator": {"engine": "bippy-5f407fcff5a0"}}}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "6D4116B1-1BFD-4F23-BA84-169CC05FC5A3", "versionEndExcluding": "6.13.2", "versionStartIncluding": "6.13", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmailbox: th1520: Fix memory corruption due to incorrect array size\n\nThe functions th1520_mbox_suspend_noirq and th1520_mbox_resume_noirq are\nintended to save and restore the interrupt mask registers in the MBOX\nICU0. However, the array used to store these registers was incorrectly\nsized, leading to memory corruption when accessing all four registers.\n\nThis commit corrects the array size to accommodate all four interrupt\nmask registers, preventing memory corruption during suspend and resume\noperations."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mailbox: th1520: Se corrige la corrupci\u00f3n de memoria debido a un tama\u00f1o de matriz incorrecto Las funciones th1520_mbox_suspend_noirq y th1520_mbox_resume_noirq tienen como objetivo guardar y restaurar los registros de m\u00e1scara de interrupci\u00f3n en MBOX ICU0. Sin embargo, la matriz utilizada para almacenar estos registros ten\u00eda un tama\u00f1o incorrecto, lo que provocaba una corrupci\u00f3n de memoria al acceder a los cuatro registros. Esta confirmaci\u00f3n corrige el tama\u00f1o de la matriz para acomodar los cuatro registros de m\u00e1scara de interrupci\u00f3n, lo que evita la corrupci\u00f3n de memoria durante las operaciones de suspensi\u00f3n y reanudaci\u00f3n."}], "id": "CVE-2024-57983", "lastModified": "2025-03-07T15:07:16.373", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2025-02-27T02:15:11.503", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch", "Mailing List"], "url": "https://git.kernel.org/stable/c/2cd12c7fba59f30369e8647a2b726c7280903304"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch", "Mailing List"], "url": "https://git.kernel.org/stable/c/db049866943a38bf46a34fa120d526663339d7a5"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: mailbox: th1520: Fix memory corruption due to incorrect array size", "id": "2348525", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348525"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-787", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nmailbox: th1520: Fix memory corruption due to incorrect array size\nThe functions th1520_mbox_suspend_noirq and th1520_mbox_resume_noirq are\nintended to save and restore the interrupt mask registers in the MBOX\nICU0. However, the array used to store these registers was incorrectly\nsized, leading to memory corruption when accessing all four registers.\nThis commit corrects the array size to accommodate all four interrupt\nmask registers, preventing memory corruption during suspend and resume\noperations."], "name": "CVE-2024-57983", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-02-27T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-57983\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-57983\nhttps://lore.kernel.org/linux-cve-announce/2025022635-CVE-2024-57983-d9c0@gregkh/T"], "threat_severity": "Moderate"}