CVE-2023-52766— i3c: mipi-i3c-hci: Fix out of bounds access in hci_dma_irq_handler

AI Predicted 7.8 Difficulty: Moderate EPSS 0.03% · P9 Updated May 13, 2026

Affected Version Matrix 12

Vendor	Product	Version Range	Status
Linux	Linux	`3a379bbcea0af6280e1ca0d1edfcf4e68cde6ee0< d23ad76f240c0f597b7a9eb79905d246f27d40df`	affected
		`3a379bbcea0af6280e1ca0d1edfcf4e68cde6ee0< 8be39f66915b40d26ea2c18ba84b5c3d5da6809b`	affected
		`3a379bbcea0af6280e1ca0d1edfcf4e68cde6ee0< 7c2b91b30d74d7c407118ad72502d4ca28af1af6`	affected
		`3a379bbcea0af6280e1ca0d1edfcf4e68cde6ee0< 4c86cb2321bd9c72d3b945ce7f747961beda8e65`	affected
		`3a379bbcea0af6280e1ca0d1edfcf4e68cde6ee0< 45a832f989e520095429589d5b01b0c65da9b574`	affected
		`5.0`	affected
		`< 5.0`	unaffected
		`5.15.140≤ 5.15.*`	unaffected
… +4 more rows

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2023-52766

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

i3c: mipi-i3c-hci: Fix out of bounds access in hci_dma_irq_handler

Source: NVD (National Vulnerability Database)

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: i3c: mipi-i3c-hci: Fix out of bounds access in hci_dma_irq_handler Do not loop over ring headers in hci_dma_irq_handler() that are not allocated and enabled in hci_dma_init(). Otherwise out of bounds access will occur from rings->headers[i] access when i >= number of allocated ring headers.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Linux kernel 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞，该漏洞源于i3c:mipi-i3c-hci模块hci_dma_irq_handler存在越界访问漏洞。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Linux	Linux	3a379bbcea0af6280e1ca0d1edfcf4e68cde6ee0 ~ d23ad76f240c0f597b7a9eb79905d246f27d40df	-
Linux	Linux	5.0	-

II. Public POCs for CVE-2023-52766

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2023-52766

请登录查看更多情报信息。

Other References for CVE-2023-52766 (5)

https://nvd.nist.gov/vuln/detail/CVE-2023-52766

Same Patch Batch · Linux · 2024-05-21 · 361 CVEs total

CVE-2023-52747		IB/hfi1: Restore allocated resources on failed copyout
CVE-2023-52757		smb: client: fix potential deadlock when releasing mids
CVE-2023-52755		ksmbd: fix slab out of bounds write in smb_inherit_dacl()
CVE-2023-52754		media: imon: fix access to invalid resource for the second interface
CVE-2023-52753		drm/amd/display: Avoid NULL dereference of timing generator
CVE-2023-52752		smb: client: fix use-after-free bug in cifs_debug_data_proc_show()
CVE-2023-52751		smb: client: fix use-after-free in smb2_query_info_compound()
CVE-2023-52750		arm64: Restrict CPU_BIG_ENDIAN to GNU as or LLVM IAS 15.x or newer
CVE-2023-52749		spi: Fix null dereference on suspend
CVE-2023-52748		f2fs: avoid format-overflow warning
CVE-2022-48710		drm/radeon: fix a possible null pointer dereference
CVE-2021-47432		lib/generic-radix-tree.c: Don't overflow in peek()
CVE-2023-52743		ice: Do not use WQ_MEM_RECLAIM flag for workqueue
CVE-2023-52737		btrfs: lock the inode in shared mode before starting fiemap
CVE-2023-52738		drm/amdgpu/fence: Fix oops due to non-matching drm_sched init/fini
CVE-2023-52740		powerpc/64s/interrupt: Fix interrupt exit race with security mitigation switch
CVE-2023-52739		Fix page corruption caused by racy check in __free_pages
CVE-2023-52741		cifs: Fix use-after-free in rdata->read_into_pages()
CVE-2023-52744		RDMA/irdma: Fix potential NULL-ptr-dereference
CVE-2023-52745		IB/IPoIB: Fix legacy IPoIB due to wrong number of queues

Showing top 20 of 361 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Linux

Same vendor: Linux

V. Comments for CVE-2023-52766

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2023-52766— i3c: mipi-i3c-hci: Fix out of bounds access in hci_dma_irq_handler

Affected Version Matrix 12

I. Basic Information for CVE-2023-52766

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2023-52766

III. Intelligence Information for CVE-2023-52766

Other References for CVE-2023-52766 (5)

Same Patch Batch · Linux · 2024-05-21 · 361 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2023-52766

Leave a comment