{"id":"CVE-2023-52494","summary":"bus: mhi: host: Add alignment check for event ring read pointer","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nbus: mhi: host: Add alignment check for event ring read pointer\n\nThough we do check the event ring read pointer by \"is_valid_ring_ptr\"\nto make sure it is in the buffer range, but there is another risk the\npointer may be not aligned.  Since we are expecting event ring elements\nare 128 bits(struct mhi_ring_element) aligned, an unaligned read pointer\ncould lead to multiple issues like DoS or ring buffer memory corruption.\n\nSo add a alignment check for event ring read pointer.","modified":"2026-04-02T09:42:54.432139Z","published":"2024-02-29T15:52:11.674Z","related":["SUSE-SU-2024:1466-1","SUSE-SU-2024:1480-1","SUSE-SU-2024:1490-1","USN-6818-2","USN-6819-2"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52494.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/2df39ac8f813860f79782807c3f7acff40b3c551"},{"type":"WEB","url":"https://git.kernel.org/stable/c/94991728c84f8df54fd9eec9b85855ef9057ea08"},{"type":"WEB","url":"https://git.kernel.org/stable/c/a9ebfc405fe1be145f414eafadcbf09506082010"},{"type":"WEB","url":"https://git.kernel.org/stable/c/ecf8320111822a1ae5d5fc512953eab46d543d0b"},{"type":"WEB","url":"https://git.kernel.org/stable/c/eff9704f5332a13b08fbdbe0f84059c9e7051d5f"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52494.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-52494"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"ec32332df7645e0ba463a08d483fe97665167071"},{"fixed":"94991728c84f8df54fd9eec9b85855ef9057ea08"},{"fixed":"2df39ac8f813860f79782807c3f7acff40b3c551"},{"fixed":"a9ebfc405fe1be145f414eafadcbf09506082010"},{"fixed":"ecf8320111822a1ae5d5fc512953eab46d543d0b"},{"fixed":"eff9704f5332a13b08fbdbe0f84059c9e7051d5f"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"0"},{"last_affected":"a1d2bd164c1c78f87968b7883964175ec41c32ae"},{"last_affected":"fd5f40fc887485a8b9a6806a640a0d8e0ef1afb6"},{"last_affected":"76879a980cd5ede4cb9a638999fb80d37bc09db5"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-52494.json"}}],"schema_version":"1.7.5"}