CVE-2024-57983

CVE-2024-57983 is a memory corruption vulnerability in the Linux kernel's th1520 mailbox driver, stemming from an incorrectly sized array used in the th1520_mbox_suspend_noirq and th1520_mbox_resume_noirq functions. These functions are designed to save and restore the four interrupt mask registers in the MBOX ICU0 during suspend and resume operations. Due to the array being undersized, accessing all four registers results in out-of-bounds memory writes, classified under CWE-787. The vulnerability carries a CVSS v3.1 base score of 7.8.

A local attacker with low privileges can exploit this issue with low complexity and no user interaction required, as indicated by the vector AV:L/AC:L/PR:L/UI:N/S:U. Successful exploitation enables high-impact confidentiality, integrity, and availability violations (C:H/I:H/A:H), potentially allowing arbitrary code execution, data tampering, or system crashes during kernel suspend/resume cycles on affected th1520 hardware.

The provided kernel patch references detail the mitigation: commits at https://git.kernel.org/stable/c/2cd12c7fba59f30369e8647a2b726c7280903304 and https://git.kernel.org/stable/c/db049866943a38bf46a34fa120d526663339d7a5 correct the array size to properly accommodate all four interrupt mask registers, preventing the out-of-bounds access during suspend and resume. Security practitioners should ensure systems using the th1520 mailbox driver apply these stable kernel updates promptly.