CVE-2023-52465

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-52465
In the Linux kernel, the following vulnerability has been resolved: power: supply: Fix null pointer dereference in smb2_probe devm_kasprintf and devm_kzalloc return a pointer to dynamically allocated memory which can be NULL upon failure.

5.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://git.kernel.org/stable/c/88f04bc3e737155e13caddf0ba8ed19db87f0212 Patch
https://git.kernel.org/stable/c/bd3d2ec447ede9da822addf3960a5f4275e3ae76 Patch
https://git.kernel.org/stable/c/e2717302fbc20f148bcda362facee0444b949a3a Patch
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
History

17 Apr 2024, 19:16

Type Values Removed Values Added
First Time Linux linux Kernel
Linux
CPE cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
CWE CWE-476
Summary
  • (es) En el kernel de Linux, se resolvió la siguiente vulnerabilidad: power: Supply: se corrigió la desreferencia del puntero nulo en smb2_probe, devm_kasprintf y devm_kzalloc devuelven un puntero a la memoria asignada dinámicamente que puede ser NULL en caso de falla.
References () https://git.kernel.org/stable/c/88f04bc3e737155e13caddf0ba8ed19db87f0212 - () https://git.kernel.org/stable/c/88f04bc3e737155e13caddf0ba8ed19db87f0212 - Patch
References () https://git.kernel.org/stable/c/bd3d2ec447ede9da822addf3960a5f4275e3ae76 - () https://git.kernel.org/stable/c/bd3d2ec447ede9da822addf3960a5f4275e3ae76 - Patch
References () https://git.kernel.org/stable/c/e2717302fbc20f148bcda362facee0444b949a3a - () https://git.kernel.org/stable/c/e2717302fbc20f148bcda362facee0444b949a3a - Patch
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 5.5

26 Feb 2024, 16:32

Type Values Removed Values Added
New CVE
Information

Published : 2024-02-26 16:27

Updated : 2024-04-17 19:16

NVD link : CVE-2023-52465

Mitre link : CVE-2023-52465

CVE.ORG link : CVE-2023-52465

JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-476

NULL Pointer Dereference