VYPR
High severity7.8NVD Advisory· Published Dec 27, 2024· Updated Jun 17, 2026

CVE-2024-53228

CVE-2024-53228

Description

In the Linux kernel, the following vulnerability has been resolved:

riscv: kvm: Fix out-of-bounds array access

In kvm_riscv_vcpu_sbi_init() the entry->ext_idx can contain an out-of-bound index. This is used as a special marker for the base extensions, that cannot be disabled. However, when traversing the extensions, that special marker is not checked prior indexing the array.

Add an out-of-bounds check to the function.

Affected products

10

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.