{"id":"CVE-2023-52669","summary":"crypto: s390/aes - Fix buffer overread in CTR mode","details":"In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: s390/aes - Fix buffer overread in CTR mode\n\nWhen processing the last block, the s390 ctr code will always read\na whole block, even if there isn't a whole block of data left.  Fix\nthis by using the actual length left and copy it into a buffer first\nfor processing.","modified":"2026-05-07T04:17:49.193617Z","published":"2024-05-17T14:01:57.025Z","related":["SUSE-SU-2024:2008-1","SUSE-SU-2024:2019-1","SUSE-SU-2024:2135-1","SUSE-SU-2024:2190-1","SUSE-SU-2024:2203-1","SUSE-SU-2024:2892-1","SUSE-SU-2024:2901-1","SUSE-SU-2024:2940-1","SUSE-SU-2024:2973-1","SUSE-SU-2025:20008-1","SUSE-SU-2025:20028-1","SUSE-SU-2025:20166-1","SUSE-SU-2025:20249-1","USN-6818-2","USN-6819-2"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52669.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/a7f580cdb42ec3d53bbb7c4e4335a98423703285"},{"type":"WEB","url":"https://git.kernel.org/stable/c/cd51e26a3b89706beec64f2d8296cfb1c34e0c79"},{"type":"WEB","url":"https://git.kernel.org/stable/c/d07f951903fa9922c375b8ab1ce81b18a0034e3b"},{"type":"WEB","url":"https://git.kernel.org/stable/c/d68ac38895e84446848b7647ab9458d54cacba3e"},{"type":"WEB","url":"https://git.kernel.org/stable/c/dbc9a791a70ea47be9f2acf251700fe254a2ab23"},{"type":"WEB","url":"https://git.kernel.org/stable/c/e78f1a43e72daf77705ad5b9946de66fc708b874"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52669.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-52669"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"0200f3ecc19660bebeabbcbaf212957fcf1dbf8f"},{"fixed":"cd51e26a3b89706beec64f2d8296cfb1c34e0c79"},{"fixed":"a7f580cdb42ec3d53bbb7c4e4335a98423703285"},{"fixed":"dbc9a791a70ea47be9f2acf251700fe254a2ab23"},{"fixed":"d68ac38895e84446848b7647ab9458d54cacba3e"},{"fixed":"e78f1a43e72daf77705ad5b9946de66fc708b874"},{"fixed":"d07f951903fa9922c375b8ab1ce81b18a0034e3b"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-52669.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"3.0.0"},{"fixed":"5.10.210"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.11.0"},{"fixed":"5.15.149"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"6.1.76"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.6.15"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.7.0"},{"fixed":"6.7.3"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-52669.json"}}],"schema_version":"1.7.5"}