CVE-2023-2194

MITRE NVD CVE.ORG Print: PDF PDF

Summary

CVECVE-2023-2194
StatePUBLIC
Assigner[email protected]
Source PriorityCVE Program / NVD first with legacy fallback
Published2023-04-20 21:15:00 UTC
Updated2023-05-03 14:15:00 UTC
DescriptionAn out-of-bounds write vulnerability was found in the Linux kernel's SLIMpro I2C device driver. The userspace "data->block[0]" variable was not capped to a number between 0-255 and was used as the size of a memcpy, possibly writing beyond the end of dma_buffer. This flaw could allow a local privileged user to crash the system or potentially achieve code execution.

Risk And Classification

Problem Types: CWE-787

NVD Known Affected Configurations (CPE 2.3)

TypeVendorProductVersionUpdateEditionLanguage
Operating System Fedoraproject Fedora 38 All All All
Operating System Linux Linux Kernel All All All All
Operating System Linux Linux Kernel 6.3 rc1 All All
Operating System Linux Linux Kernel 6.3 rc2 All All
Operating System Linux Linux Kernel 6.3 rc3 All All
Operating System Redhat Enterprise Linux 8.0 All All All
Operating System Redhat Enterprise Linux 9.0 All All All

References

ReferenceSourceLinkTags
[SECURITY] [DLA 3404-1] linux-5.10 security update MLIST lists.debian.org
[SECURITY] [DLA 3403-1] linux security update MLIST lists.debian.org
2188396 – (CVE-2023-2194) CVE-2023-2194 kernel: i2c: out-of-bounds write in xgene_slimpro_i2c_xfer() MISC bugzilla.redhat.com
i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer() · torvalds/linux@92fbb6d · GitHub MISC github.com
CVE Program record CVE.ORG www.cve.org canonical
NVD vulnerability detail NVD nvd.nist.gov canonical, analysis

Legacy QID Mappings

  • 160806 Oracle Enterprise Linux Security Update for kernel (ELSA-2023-3723)
  • 160859 Oracle Enterprise Linux Security Update for kernel (ELSA-2023-4517)
  • 181765 Debian Security Update for linux-5.10 (DLA 3404-1)
  • 181768 Debian Security Update for linux (DLA 3403-1)
  • 184459 Debian Security Update for linux (CVE-2023-2194)
  • 199422 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-6175-1)
  • 199437 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-6186-1)
  • 199650 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-6284-1)
  • 199669 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-6301-1)
  • 199670 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-6300-1)
  • 241733 Red Hat Update for kernel (RHSA-2023:3723)
  • 241740 Red Hat Update for kernel-rt (RHSA-2023:3708)
  • 241927 Red Hat Update for kernel-rt (RHSA-2023:4541)
  • 241936 Red Hat Update for kernel (RHSA-2023:4517)
  • 242855 Red Hat Update for kernel (RHSA-2024:0412)
  • 378701 Alibaba Cloud Linux Security Update for cloud-kernel (ALINUX2-SA-2023:0030)
  • 378710 Alibaba Cloud Linux Security Update for cloud-kernel (ALINUX3-SA-2023:0079)
  • 379043 Alibaba Cloud Linux Security Update for cloud-kernel (ALINUX3-SA-2023:0136)
  • 673074 EulerOS Security Update for kernel (EulerOS-SA-2023-2193)
  • 673182 EulerOS Security Update for kernel (EulerOS-SA-2023-2335)
  • 673214 EulerOS Security Update for kernel (EulerOS-SA-2023-2383)
  • 673393 EulerOS Security Update for kernel (EulerOS-SA-2023-2647)
  • 674113 EulerOS Security Update for kernel (EulerOS-SA-2023-2689)
  • 754097 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:2507-1)
  • 754105 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:2537-1)
  • 754106 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:2534-1)
  • 754110 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:2538-1)
  • 754120 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:2611-1)
  • 754145 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:2651-1)
  • 906918 Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (26317-1)
  • 906966 Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (26314-1)
  • 941166 AlmaLinux Security Update for kernel (ALSA-2023:3723)
  • 941167 AlmaLinux Security Update for kernel-rt (ALSA-2023:3708)
  • 941227 AlmaLinux Security Update for kernel (ALSA-2023:4517)
  • 941228 AlmaLinux Security Update for kernel-rt (ALSA-2023:4541)
  • 961032 Rocky Linux Security Update for kernel (RLSA-2023:4517)
  • 961046 Rocky Linux Security Update for kernel-rt (RLSA-2023:4541)
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report