7.8
CVE-2023-52524
- EPSS 0.18%
- Veröffentlicht 02.03.2024 22:15:48
- Zuletzt bearbeitet 13.01.2025 20:00:51
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
net: nfc: llcp: Add lock when modifying device list
In the Linux kernel, the following vulnerability has been resolved: net: nfc: llcp: Add lock when modifying device list The device list needs its associated lock held when modifying it, or the list could become corrupted, as syzbot discovered.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 5.4.251 < 5.4.258
Linux ≫ Linux Kernel Version >= 5.10.188 < 5.10.198
Linux ≫ Linux Kernel Version >= 5.15.121 < 5.15.135
Linux ≫ Linux Kernel Version >= 6.1.39 < 6.1.57
Linux ≫ Linux Kernel Version >= 6.5 < 6.5.7
Linux ≫ Linux Kernel Version6.6 Updaterc1
Linux ≫ Linux Kernel Version6.6 Updaterc2
Linux ≫ Linux Kernel Version6.6 Updaterc3
Linux ≫ Linux Kernel Version6.6 Updaterc4
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.18% | 0.08 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-667 Improper Locking
The product does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors.
https://git.kernel.org/stable/c/191d87a19cf1005ecf41e1ae08d74e17379e8391
https://git.kernel.org/stable/c/29c16c2bf5866326d5fbc4a537b3997fcac23391
https://git.kernel.org/stable/c/4837a192f6d06d5bb2f3f47d6ce5353ab69bf86b
https://git.kernel.org/stable/c/7562780e32b84196731d57dd24563546fcf6d082
https://git.kernel.org/stable/c/dba849cc98113b145c6e720122942c00b8012bdb
https://git.kernel.org/stable/c/dfc7f7a988dad34c3bf4c053124fb26aa6c5f916