CVE-2023-52857

low-risk

Published 2024-05-21

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Fix coverity issue with unintentional integer overflow 1. Instead of multiplying 2 variable of different types. Change to assign a value of one variable and then multiply the other variable. 2. Add a int variable for multiplier calculation instead of calculating different types multiplier with dma_addr_t variable directly.

Do I need to act?

0.02% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 5.5/10 Medium

LOCAL / LOW complexity

Affected Products (1)

Linux Kernel

Affected Vendors

Linux

References (8)

Patch https://git.kernel.org/stable/c/0d8a1df39d3fc34560e2cc663b5c340d06a25396

Patch https://git.kernel.org/stable/c/96312a251d4dcee5d36e32edba3002bfde0ddd9c

https://git.kernel.org/stable/c/a12bd675100531f9fb4508fd4430dd1632325a0e

Patch https://git.kernel.org/stable/c/b0b0d811eac6b4c52cb9ad632fa6384cf48869e7

Patch https://git.kernel.org/stable/c/0d8a1df39d3fc34560e2cc663b5c340d06a25396

Patch https://git.kernel.org/stable/c/96312a251d4dcee5d36e32edba3002bfde0ddd9c

Patch https://git.kernel.org/stable/c/b0b0d811eac6b4c52cb9ad632fa6384cf48869e7

https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html

/ 100

low-risk

Severity 18/34 · Moderate

Exploitability 0/34 · Minimal

Exposure 5/34 · Minimal