CVE-2023-2194

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-2194

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-2194.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2023-2194

Downstream

DEBIAN-CVE-2023-2194

DLA-3403-1

DLA-3404-1

OESA-2023-1274

OESA-2023-1275

OESA-2023-1276

OESA-2023-1277

RHSA-2023:3708

RHSA-2023:3723

RHSA-2023:4517

RHSA-2023:4541

RHSA-2024:0412

SUSE-SU-2023:2501-1

SUSE-SU-2023:2502-1

SUSE-SU-2023:2507-1

SUSE-SU-2023:2534-1

SUSE-SU-2023:2537-1

SUSE-SU-2023:2538-1

SUSE-SU-2023:2611-1

SUSE-SU-2023:2651-1

SUSE-SU-2023:2805-1

UBUNTU-CVE-2023-2194

USN-6284-1

USN-6300-1

USN-6301-1

USN-6311-1

USN-6312-1

USN-6314-1

USN-6331-1

USN-6332-1

USN-6337-1

USN-6347-1

Related

Published

2023-04-20T21:15:09Z

Modified

2025-08-09T20:01:25Z

Severity

6.7 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

An out-of-bounds write vulnerability was found in the Linux kernel's SLIMpro I2C device driver. The userspace "data->block[0]" variable was not capped to a number between 0-255 and was used as the size of a memcpy, possibly writing beyond the end of dma_buffer. This flaw could allow a local privileged user to crash the system or potentially achieve code execution.

References

Affected packages