CVE-2023-52844

In the Linux kernel, the following vulnerability has been resolved: media: vidtv: psi: Add check for kstrdup Add check for the return value of kstrdup() and return the error if it fails in order to avoid NULL pointer dereference.

CVSS v3 6.2 MEDIUM

6.2^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.5 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/3387490c89b10aeb4e71d78b65dbc9ba4b2385b9	Patch
https://git.kernel.org/stable/c/5c26aae3723965c291c65dd2ecad6a3240d422b0	Patch
https://git.kernel.org/stable/c/5cfcc8de7d733a1137b86954cc28ce99972311ad	Patch
https://git.kernel.org/stable/c/76a2c5df6ca8bd8ada45e953b8c72b746f42918d	Patch
https://git.kernel.org/stable/c/a51335704a3f90eaf23a6864faefca34b382490a	Patch
https://git.kernel.org/stable/c/d17269fb9161995303985ab2fe6f16cfb72152f9	Patch
https://git.kernel.org/stable/c/3387490c89b10aeb4e71d78b65dbc9ba4b2385b9	Patch
https://git.kernel.org/stable/c/5c26aae3723965c291c65dd2ecad6a3240d422b0	Patch
https://git.kernel.org/stable/c/5cfcc8de7d733a1137b86954cc28ce99972311ad	Patch
https://git.kernel.org/stable/c/76a2c5df6ca8bd8ada45e953b8c72b746f42918d	Patch
https://git.kernel.org/stable/c/a51335704a3f90eaf23a6864faefca34b382490a	Patch
https://git.kernel.org/stable/c/d17269fb9161995303985ab2fe6f16cfb72152f9	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

History

No history.

Information

Published : 2024-05-21 16:15

Updated : 2025-04-02 14:56

NVD link : CVE-2023-52844

Mitre link : CVE-2023-52844

CVE.ORG link : CVE-2023-52844

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-476

NULL Pointer Dereference

{"id": "CVE-2023-52844", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.2, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.5}]}, "published": "2024-05-21T16:15:21.653", "references": [{"url": "https://git.kernel.org/stable/c/3387490c89b10aeb4e71d78b65dbc9ba4b2385b9", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/5c26aae3723965c291c65dd2ecad6a3240d422b0", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/5cfcc8de7d733a1137b86954cc28ce99972311ad", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/76a2c5df6ca8bd8ada45e953b8c72b746f42918d", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/a51335704a3f90eaf23a6864faefca34b382490a", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/d17269fb9161995303985ab2fe6f16cfb72152f9", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/3387490c89b10aeb4e71d78b65dbc9ba4b2385b9", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/5c26aae3723965c291c65dd2ecad6a3240d422b0", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/5cfcc8de7d733a1137b86954cc28ce99972311ad", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/76a2c5df6ca8bd8ada45e953b8c72b746f42918d", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/a51335704a3f90eaf23a6864faefca34b382490a", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/d17269fb9161995303985ab2fe6f16cfb72152f9", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-476"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: vidtv: psi: Add check for kstrdup\n\nAdd check for the return value of kstrdup() and return the error\nif it fails in order to avoid NULL pointer dereference."}, {"lang": "es", "value": " En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: media: vidtv: psi: Agregar verificaci\u00f3n para kstrdup. Agregue verificaci\u00f3n para el valor de retorno de kstrdup() y devuelva el error si falla para evitar la desreferencia al puntero NULL."}], "lastModified": "2025-04-02T14:56:36.550", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AA7751B5-4851-48EF-A993-E848F55A4CD4", "versionEndExcluding": "5.10.201", "versionStartIncluding": "5.10"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "81424D14-B38F-47B3-A1B8-BC3B60BB96EA", "versionEndExcluding": "5.15.139", "versionStartIncluding": "5.11"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "80E1EA7E-2788-466C-9FFB-34AFA1B052F0", "versionEndExcluding": "6.1.63", "versionStartIncluding": "5.16"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "825F64D9-E99F-49AA-8A7B-EF7C2965C5B2", "versionEndExcluding": "6.5.12", "versionStartIncluding": "6.2"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4CBFF885-A4D3-4F21-B6FD-4D770034C048", "versionEndExcluding": "6.6.2", "versionStartIncluding": "6.6"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}