CVE-2023-52471

In the Linux kernel, the following vulnerability has been resolved: ice: Fix some null pointer dereference issues in ice_ptp.c devm_kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/3027e7b15b02d2d37e3f82d6b8404f6d37e3b8cf	Patch
https://git.kernel.org/stable/c/3cd9b9bee33f39f6c6d52360fe381b89a7b12695	Patch

Configurations

Configuration 1 (hide)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

History

17 Apr 2024, 18:59

Type	Values Removed	Values Added
First Time		Linux linux Kernel Linux
CPE		cpe:2.3:o:linux:linux_kernel::::::::
CWE		CWE-476
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
Summary		(es) En el kernel de Linux, se resolvió la siguiente vulnerabilidad: ice: soluciona algunos problemas de desreferencia de puntero nulo en ice_ptp.c devm_kasprintf() devuelve un puntero a la memoria asignada dinámicamente que puede ser NULL en caso de falla.
References	~~() https://git.kernel.org/stable/c/3027e7b15b02d2d37e3f82d6b8404f6d37e3b8cf -~~	() https://git.kernel.org/stable/c/3027e7b15b02d2d37e3f82d6b8404f6d37e3b8cf - Patch
References	~~() https://git.kernel.org/stable/c/3cd9b9bee33f39f6c6d52360fe381b89a7b12695 -~~	() https://git.kernel.org/stable/c/3cd9b9bee33f39f6c6d52360fe381b89a7b12695 - Patch

26 Feb 2024, 16:32

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-02-26 16:27

Updated : 2024-04-17 18:59

NVD link : CVE-2023-52471

Mitre link : CVE-2023-52471

CVE.ORG link : CVE-2023-52471

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-476

NULL Pointer Dereference

5.5 /10