Linux Kernel RTL9300 I2C Controller Out-of-Bounds Vulnerability

Vulnerability

A vulnerability in the Linux kernel's I2C RTL9300 controller driver allows out-of-bounds memory access. The issue arises because 'data->block[0]', which is user-supplied, can be excessively large when it is not validated. The vulnerability has been addressed by adding a check on the value of 'data->block[0]' before it is used.
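The kind of length check described above, as an added user-space example that is not the kernel driver's code: in an SMBus block transfer block[0] is the length byte, and the example assumes the SMBus limit of 32 data bytes (I2C_SMBUS_BLOCK_MAX). The names smbus_data, hw_fifo, block_write_checked and try_length are hypothetical.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define I2C_SMBUS_BLOCK_MAX 32 /* SMBus block payload limit, as in <linux/i2c.h> */

/* Mirrors the kernel's union i2c_smbus_data: block[0] carries the length. */
union smbus_data {
    uint8_t  byte;
    uint16_t word;
    uint8_t  block[I2C_SMBUS_BLOCK_MAX + 2];
};

/* Hypothetical stand-in for a controller's transmit buffer. */
struct hw_fifo {
    uint8_t buf[I2C_SMBUS_BLOCK_MAX];
    size_t  len;
};

/* Hypothetical block-write helper. The caller controls block[0] (0..255);
 * used unchecked as the copy length it would read past data->block and
 * write past fifo->buf, so it is rejected before any use. */
int block_write_checked(struct hw_fifo *fifo, const union smbus_data *data)
{
    uint8_t len = data->block[0];
    if (len < 1 || len > I2C_SMBUS_BLOCK_MAX)
        return -EINVAL;
    memcpy(fifo->buf, &data->block[1], len);
    fifo->len = len;
    return 0;
}

/* Builds a constructed request with the given length byte and submits it. */
int try_length(uint8_t claimed_len)
{
    union smbus_data data;
    struct hw_fifo fifo = { .len = 0 };
    memset(&data, 0xA5, sizeof(data));
    data.block[0] = claimed_len;
    int ret = block_write_checked(&fifo, &data);
    return ret == 0 ? (int)fifo.len : ret;
}

int main(void)
{
    printf("33 -> %d, 32 -> %d\n", try_length(33), try_length(32));
    return 0;
}
```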

Impact

Exploitation of this vulnerability could lead to out-of-bounds memory access, potentially causing memory corruption or allowing for arbitrary code execution.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been fixed. Instructions for downloading the patched version are available on the official Linux kernel website.

Added: Sep 5, 2025, 8:05 PM
Updated: Sep 5, 2025, 8:05 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 5.0
exploitability: 4.0
remediation: 7.7
relevance: 0.4
threat: 3.2
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.