{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-01T20:41:47.012","vulnerabilities":[{"cve":{"id":"CVE-2023-52455","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2024-02-23T15:15:08.193","lastModified":"2024-11-21T08:39:48.473","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\niommu: Don't reserve 0-length IOVA region\n\nWhen the bootloader/firmware doesn't setup the framebuffers, their\naddress and size are 0 in \"iommu-addresses\" property. If IOVA region is\nreserved with 0 length, then it ends up corrupting the IOVA rbtree with\nan entry which has pfn_hi < pfn_lo.\nIf we intend to use display driver in kernel without framebuffer then\nit's causing the display IOMMU mappings to fail as entire valid IOVA\nspace is reserved when address and length are passed as 0.\nAn ideal solution would be firmware removing the \"iommu-addresses\"\nproperty and corresponding \"memory-region\" if display is not present.\nBut the kernel should be able to handle this by checking for size of\nIOVA region and skipping the IOVA reservation if size is 0. Also, add\na warning if firmware is requesting 0-length IOVA region reservation."},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: iommu: no reservar región IOVA de longitud 0 Cuando el gestor de arranque/firmware no configura los framebuffers, su dirección y tamaño son 0 en la propiedad \"iommu-addresses\". Si la región IOVA está reservada con una longitud de 0, termina corrompiendo el rbtree de IOVA con una entrada que tiene pfn_hi &lt; pfn_lo. Si pretendemos utilizar el controlador de pantalla en el kernel sin framebuffer, entonces las asignaciones IOMMU de pantalla fallarán ya que se reserva todo el espacio IOVA válido cuando la dirección y la longitud se pasan como 0. Una solución ideal sería que el firmware elimine la propiedad \"iommu-addresses\". y la \"región de memoria\" correspondiente si la pantalla no está presente. Pero el kernel debería poder manejar esto verificando el tamaño de la región IOVA y omitiendo la reserva de IOVA si el tamaño es 0. Además, agregue una advertencia si el firmware solicita una reserva de región IOVA de longitud 0."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.3.0","versionEndExcluding":"6.6.14","matchCriteriaId":"723F5211-5C37-4F95-A4D3-FA6C2E6F914C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7.0","versionEndExcluding":"6.7.2","matchCriteriaId":"0EA3778C-730B-464C-8023-18CA6AC0B807"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/5e23e283910c9f30248732ae0770bcb0c9438abf","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/98b8a550da83cc392a14298c4b3eaaf0332ae6ad","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/bb57f6705960bebeb832142ce9abf43220c3eab1","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/5e23e283910c9f30248732ae0770bcb0c9438abf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/98b8a550da83cc392a14298c4b3eaaf0332ae6ad","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/bb57f6705960bebeb832142ce9abf43220c3eab1","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]}]}}]}