CVE-2023-53328NULL Pointer Dereference in Linux

CWE-476NULL Pointer Dereference5 documents5 sources
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 94.79%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedSep 16

Description

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Enhance sanity check while generating attr_list ni_create_attr_list uses WARN_ON to catch error cases while generating attribute list, which only prints out stack trace and may not be enough. This repalces them with more proper error handling flow. [ 59.666332] BUG: kernel NULL pointer dereference, address: 000000000000000e [ 59.673268] #PF: supervisor read access in kernel mode [ 59.678354] #PF: error_code(0x0000)

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages4 packages

NVDlinux/linux_kernel5.155.15.128+2
Debianlinux/linux_kernel< 6.1.52-1+2
CVEListV5linux/linux4534a70b7056fd4b9a1c6db5a4ce3c98546b291ee7799bb4dbe26bfb665f29ea87981708fd6012d8+4
debiandebian/linux< linux 6.1.52-1 (bookworm)

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

2
OSV
CVE-2023-53328: In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Enhance sanity check while generating attr_list ni_create_attr_list uses2025-09-16
GHSA
GHSA-q5jc-r55m-4xv5: In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Enhance sanity check while generating attr_list ni_create_attr_list us2025-09-16

📋Vendor Advisories

2
Red Hat
kernel: fs/ntfs3: Enhance sanity check while generating attr_list2025-09-16
Debian
CVE-2023-53328: linux - In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: E...2023
CVE-2023-53328 — NULL Pointer Dereference in Linux | cvebase