Wind River Support Network


LIN1021-7798 : Security Advisory - linux - CVE-2023-52616

Created: Mar 18, 2024    Updated: May 14, 2024
Resolved Date: May 14, 2024
Found In Version:
Fix Version:
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Kernel


In the Linux kernel, the following vulnerability has been resolved:

crypto: lib/mpi - Fix unexpected pointer access in mpi_ec_init

When the mpi_ec_ctx structure is initialized, some fields are not
cleared, causing a crash when referencing the field when the
structure was released. Initially, this issue was ignored because
memory for mpi_ec_ctx is allocated with the __GFP_ZERO flag.
For example, this error will be triggered when calculating the
Za value for SM2 separately.

CREATE(Triage):(User=admin) CVE-2023-52616 (


Live chat