{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2023-52669", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-03-07T14:49:46.885Z", "datePublished": "2024-05-17T14:01:57.025Z", "dateUpdated": "2026-05-11T19:31:22.977Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-11T19:31:22.977Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: s390/aes - Fix buffer overread in CTR mode\n\nWhen processing the last block, the s390 ctr code will always read\na whole block, even if there isn't a whole block of data left. Fix\nthis by using the actual length left and copy it into a buffer first\nfor processing."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["arch/s390/crypto/aes_s390.c", "arch/s390/crypto/paes_s390.c"], "versions": [{"version": "0200f3ecc19660bebeabbcbaf212957fcf1dbf8f", "lessThan": "cd51e26a3b89706beec64f2d8296cfb1c34e0c79", "status": "affected", "versionType": "git"}, {"version": "0200f3ecc19660bebeabbcbaf212957fcf1dbf8f", "lessThan": "a7f580cdb42ec3d53bbb7c4e4335a98423703285", "status": "affected", "versionType": "git"}, {"version": "0200f3ecc19660bebeabbcbaf212957fcf1dbf8f", "lessThan": "dbc9a791a70ea47be9f2acf251700fe254a2ab23", "status": "affected", "versionType": "git"}, {"version": "0200f3ecc19660bebeabbcbaf212957fcf1dbf8f", "lessThan": "d68ac38895e84446848b7647ab9458d54cacba3e", "status": "affected", "versionType": "git"}, {"version": "0200f3ecc19660bebeabbcbaf212957fcf1dbf8f", "lessThan": "e78f1a43e72daf77705ad5b9946de66fc708b874", "status": "affected", "versionType": "git"}, {"version": "0200f3ecc19660bebeabbcbaf212957fcf1dbf8f", "lessThan": "d07f951903fa9922c375b8ab1ce81b18a0034e3b", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["arch/s390/crypto/aes_s390.c", "arch/s390/crypto/paes_s390.c"], "versions": [{"version": "3.0", "status": "affected"}, {"version": "0", "lessThan": "3.0", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.210", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.149", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.76", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.15", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.7.3", "lessThanOrEqual": "6.7.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.8", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.0", "versionEndExcluding": "5.10.210"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.0", "versionEndExcluding": "5.15.149"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.0", "versionEndExcluding": "6.1.76"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.0", "versionEndExcluding": "6.6.15"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.0", "versionEndExcluding": "6.7.3"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.0", "versionEndExcluding": "6.8"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/cd51e26a3b89706beec64f2d8296cfb1c34e0c79"}, {"url": "https://git.kernel.org/stable/c/a7f580cdb42ec3d53bbb7c4e4335a98423703285"}, {"url": "https://git.kernel.org/stable/c/dbc9a791a70ea47be9f2acf251700fe254a2ab23"}, {"url": "https://git.kernel.org/stable/c/d68ac38895e84446848b7647ab9458d54cacba3e"}, {"url": "https://git.kernel.org/stable/c/e78f1a43e72daf77705ad5b9946de66fc708b874"}, {"url": "https://git.kernel.org/stable/c/d07f951903fa9922c375b8ab1ce81b18a0034e3b"}], "title": "crypto: s390/aes - Fix buffer overread in CTR mode", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-52669", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-24T14:16:01.568740Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:24:13.633Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T23:11:34.492Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/cd51e26a3b89706beec64f2d8296cfb1c34e0c79", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/a7f580cdb42ec3d53bbb7c4e4335a98423703285", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/dbc9a791a70ea47be9f2acf251700fe254a2ab23", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/d68ac38895e84446848b7647ab9458d54cacba3e", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e78f1a43e72daf77705ad5b9946de66fc708b874", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/d07f951903fa9922c375b8ab1ce81b18a0034e3b", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "tags": ["x_transferred"]}]}]}, "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/cd51e26a3b89706beec64f2d8296cfb1c34e0c79", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/a7f580cdb42ec3d53bbb7c4e4335a98423703285", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/dbc9a791a70ea47be9f2acf251700fe254a2ab23", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/d68ac38895e84446848b7647ab9458d54cacba3e", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e78f1a43e72daf77705ad5b9946de66fc708b874", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/d07f951903fa9922c375b8ab1ce81b18a0034e3b", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T23:11:34.492Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-52669", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-24T14:16:01.568740Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-24T14:16:05.850Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"title": "crypto: s390/aes - Fix buffer overread in CTR mode", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "0200f3ecc19660bebeabbcbaf212957fcf1dbf8f", "lessThan": "cd51e26a3b89706beec64f2d8296cfb1c34e0c79", "versionType": "git"}, {"status": "affected", "version": "0200f3ecc19660bebeabbcbaf212957fcf1dbf8f", "lessThan": "a7f580cdb42ec3d53bbb7c4e4335a98423703285", "versionType": "git"}, {"status": "affected", "version": "0200f3ecc19660bebeabbcbaf212957fcf1dbf8f", "lessThan": "dbc9a791a70ea47be9f2acf251700fe254a2ab23", "versionType": "git"}, {"status": "affected", "version": "0200f3ecc19660bebeabbcbaf212957fcf1dbf8f", "lessThan": "d68ac38895e84446848b7647ab9458d54cacba3e", "versionType": "git"}, {"status": "affected", "version": "0200f3ecc19660bebeabbcbaf212957fcf1dbf8f", "lessThan": "e78f1a43e72daf77705ad5b9946de66fc708b874", "versionType": "git"}, {"status": "affected", "version": "0200f3ecc19660bebeabbcbaf212957fcf1dbf8f", "lessThan": "d07f951903fa9922c375b8ab1ce81b18a0034e3b", "versionType": "git"}], "programFiles": ["arch/s390/crypto/aes_s390.c", "arch/s390/crypto/paes_s390.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "3.0"}, {"status": "unaffected", "version": "0", "lessThan": "3.0", "versionType": "semver"}, {"status": "unaffected", "version": "5.10.210", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.149", "versionType": "semver", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.76", "versionType": "semver", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.15", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.7.3", "versionType": "semver", "lessThanOrEqual": "6.7.*"}, {"status": "unaffected", "version": "6.8", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["arch/s390/crypto/aes_s390.c", "arch/s390/crypto/paes_s390.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/cd51e26a3b89706beec64f2d8296cfb1c34e0c79"}, {"url": "https://git.kernel.org/stable/c/a7f580cdb42ec3d53bbb7c4e4335a98423703285"}, {"url": "https://git.kernel.org/stable/c/dbc9a791a70ea47be9f2acf251700fe254a2ab23"}, {"url": "https://git.kernel.org/stable/c/d68ac38895e84446848b7647ab9458d54cacba3e"}, {"url": "https://git.kernel.org/stable/c/e78f1a43e72daf77705ad5b9946de66fc708b874"}, {"url": "https://git.kernel.org/stable/c/d07f951903fa9922c375b8ab1ce81b18a0034e3b"}], "x_generator": {"engine": "bippy-5f407fcff5a0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: s390/aes - Fix buffer overread in CTR mode\n\nWhen processing the last block, the s390 ctr code will always read\na whole block, even if there isn't a whole block of data left. Fix\nthis by using the actual length left and copy it into a buffer first\nfor processing."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-12-19T08:23:47.193Z"}}}, "cveMetadata": {"cveId": "CVE-2023-52669", "state": "PUBLISHED", "dateUpdated": "2024-12-19T08:23:47.193Z", "dateReserved": "2024-03-07T14:49:46.885Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-05-17T14:01:57.025Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "ECA814C8-C33C-4859-A5AC-D814F2E0D9E4", "versionEndExcluding": "5.10.210", "versionStartIncluding": "3.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "0D0465BB-4053-4E15-9137-6696EBAE90FD", "versionEndExcluding": "5.15.149", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "32F0FEB3-5FE1-4400-A56D-886F09BE872E", "versionEndExcluding": "6.1.76", "versionStartIncluding": "5.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "87C718CB-AE3D-4B07-B4D9-BFF64183C468", "versionEndExcluding": "6.6.15", "versionStartIncluding": "6.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "58FD5308-148A-40D3-B36A-0CA6B434A8BF", "versionEndExcluding": "6.7.3", "versionStartIncluding": "6.7", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: s390/aes - Fix buffer overread in CTR mode\n\nWhen processing the last block, the s390 ctr code will always read\na whole block, even if there isn't a whole block of data left. Fix\nthis by using the actual length left and copy it into a buffer first\nfor processing."}, {"lang": "es", "value": " En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: crypto: s390/aes - Corrige la sobrelectura del buffer en modo CTR Al procesar el \u00faltimo bloque, el c\u00f3digo ctr s390 siempre leer\u00e1 un bloque completo, incluso si no hay un bloque completo de datos restantes. Solucione este problema utilizando la longitud real restante y c\u00f3pielo primero en un b\u00fafer para procesarlo."}], "id": "CVE-2023-52669", "lastModified": "2025-12-23T18:46:18.260", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-05-17T14:15:09.827", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/a7f580cdb42ec3d53bbb7c4e4335a98423703285"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/cd51e26a3b89706beec64f2d8296cfb1c34e0c79"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/d07f951903fa9922c375b8ab1ce81b18a0034e3b"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/d68ac38895e84446848b7647ab9458d54cacba3e"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/dbc9a791a70ea47be9f2acf251700fe254a2ab23"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/e78f1a43e72daf77705ad5b9946de66fc708b874"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/a7f580cdb42ec3d53bbb7c4e4335a98423703285"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/cd51e26a3b89706beec64f2d8296cfb1c34e0c79"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/d07f951903fa9922c375b8ab1ce81b18a0034e3b"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/d68ac38895e84446848b7647ab9458d54cacba3e"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/dbc9a791a70ea47be9f2acf251700fe254a2ab23"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/e78f1a43e72daf77705ad5b9946de66fc708b874"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2024:4211", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "kernel-0:4.18.0-553.8.1.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-07-02T00:00:00Z"}], "bugzilla": {"description": "kernel: crypto: s390/aes - Fix buffer overread in CTR mode", "id": "2281346", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281346"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\ncrypto: s390/aes - Fix buffer overread in CTR mode\nWhen processing the last block, the s390 ctr code will always read\na whole block, even if there isn't a whole block of data left. Fix\nthis by using the actual length left and copy it into a buffer first\nfor processing."], "name": "CVE-2023-52669", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Under investigation", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-05-17T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-52669\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-52669\nhttps://lore.kernel.org/linux-cve-announce/2024051728-CVE-2023-52669-5a58@gregkh/T"], "threat_severity": "Low"}

{}