CVE-2023-52696NULL Pointer Dereference in Linux

CWE-476NULL Pointer Dereference23 documents8 sources
Severity
7.5HIGHNVD
EPSS
0.3%
top 48.36%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
8
LinuxLinux KernelDebian Linux+5 more
Timeline
PublishedMay 17
Latest updateJun 26

Description

In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv: Add a null pointer check in opal_powercap_init() kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages8 packages

NVDlinux/linux_kernel4.205.4.268+5
Debianlinux/linux_kernel< 5.10.209-1+3
CVEListV5linux/linuxb9ef7b4b867f56114bedbe6bf104cfaba0ca818e9da4a56dd3772570512ca58aa8832b052ae910dc+7

Also affects: Debian Linux 10.0

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

10
OSV
linux-oracle-6.5 vulnerabilities2024-06-26
OSV
linux-hwe-6.5 vulnerabilities2024-06-18
OSV
linux-nvidia-6.5 vulnerabilities2024-06-14
OSV
linux-oem-6.5 vulnerabilities2024-06-12
OSV
linux-aws, linux-oracle vulnerabilities2024-06-11

📋Vendor Advisories

11
Ubuntu
Linux kernel (Oracle) vulnerabilities2024-06-26
Ubuntu
Linux kernel (HWE) vulnerabilities2024-06-18
Ubuntu
Linux kernel (NVIDIA) vulnerabilities2024-06-14
Ubuntu
Linux kernel (OEM) vulnerabilities2024-06-12
Ubuntu
Linux kernel vulnerabilities2024-06-11

💬Community

1
Bugzilla
CVE-2023-52696 kernel: powerpc/powernv: Add a null pointer check in opal_powercap_init()2024-05-18
CVE-2023-52696 — NULL Pointer Dereference in Linux | cvebase