CVE-2023-53646
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2023-53646
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53646.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2023-53646
- Downstream
- Published
- 2025-10-07T15:19:44Z
- Modified
- 2025-10-16T19:00:09.433202Z
- Summary
- drm/i915/perf: add sentinel to xehp_oa_b_counters
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
drm/i915/perf: add sentinel to xehpoab_counters
Arrays passed to reginrange_table should end with empty record.
The patch solves KASAN detected bug with signature: BUG: KASAN: global-out-of-bounds in xehpisvalidbcounter_addr+0x2c7/0x350 [i915] Read of size 4 at addr ffffffffa1555d90 by task perf/1518
CPU: 4 PID: 1518 Comm: perf Tainted: G U 6.4.0-kasan438-g3303d06107f3+ #1 Hardware name: Intel Corporation Meteor Lake Client Platform/MTL-P DDR5 SODIMM SBS RVP, BIOS MTLPFWI1.R00.3223.D80.2305311348 05/31/2023 Call Trace: <TASK> ... xehpisvalidbcounteraddr+0x2c7/0x350 [i915]
(cherry picked from commit 2f42c5afb34b5696cf5fe79e744f99be9b218798)
- References
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced0fa9349dda030fa847b36f880a5eea25c3202b66Fixed21d92025e80629fd5c25cd6751f8cf38c784dd4a
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced0fa9349dda030fa847b36f880a5eea25c3202b66Fixed785b3f667b4bf98804cad135005e964df0c750de
Affected versions
v6.*
v6.0
v6.0-rc3
v6.0-rc4
v6.0-rc5
v6.0-rc6
v6.0-rc7
v6.1
v6.1-rc1
v6.1-rc2
v6.1-rc3
v6.1-rc4
v6.1-rc5
v6.1-rc6
v6.1-rc7
v6.1-rc8
v6.2
v6.2-rc1
v6.2-rc2
v6.2-rc3
v6.2-rc4
v6.2-rc5
v6.2-rc6
v6.2-rc7
v6.2-rc8
v6.3
v6.3-rc1
v6.3-rc2
v6.3-rc3
v6.3-rc4
v6.3-rc5
v6.3-rc6
v6.3-rc7
v6.4
v6.4-rc1
v6.4-rc2
v6.4-rc3
v6.4-rc4
v6.4-rc5
v6.4-rc6
v6.4-rc7
v6.4.1
v6.4.2
v6.4.3
v6.4.4
v6.4.5
v6.4.6
v6.5-rc1
v6.5-rc2