CVE Published: 06/09/2024 |
CVE Updated: 29/09/2024 |
CVE Year: 2023 Source: Linux |
Vendor: Linux |
Product: Linux Status : PUBLISHED
CVE-2023-52916 Description
In the Linux kernel, the following vulnerability has been resolved:
media: aspeed: Fix memory overwrite if timing is 1600x900
When capturing 1600x900, system could crash when system memory usage is
tight.
The way to reproduce this issue:
1. Use 1600x900 to display on host
2. Mount ISO through \'Virtual media\' on OpenBMC\'s web
3. Run script as below on host to do sha continuously
#!/bin/bash
while [ [1] ];
do
find /media -type f -printf \'"%h/%f"\n\' | xargs sha256sum
done
4. Open KVM on OpenBMC\'s web
The size of macro block captured is 8x8. Therefore, we should make sure
the height of src-buf is 8 aligned to fix this issue.