7.8

CVE-2023-52524

net: nfc: llcp: Add lock when modifying device list

In the Linux kernel, the following vulnerability has been resolved:

net: nfc: llcp: Add lock when modifying device list

The device list needs its associated lock held when modifying it, or the
list could become corrupted, as syzbot discovered.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.4.251 < 5.4.258
LinuxLinux Kernel Version >= 5.10.188 < 5.10.198
LinuxLinux Kernel Version >= 5.15.121 < 5.15.135
LinuxLinux Kernel Version >= 6.1.39 < 6.1.57
LinuxLinux Kernel Version >= 6.5 < 6.5.7
LinuxLinux Kernel Version6.6 Updaterc1
LinuxLinux Kernel Version6.6 Updaterc2
LinuxLinux Kernel Version6.6 Updaterc3
LinuxLinux Kernel Version6.6 Updaterc4
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.18% 0.08
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-667 Improper Locking

The product does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors.

https://git.kernel.org/stable/c/191d87a19cf1005ecf41e1ae08d74e17379e8391
Patch
https://git.kernel.org/stable/c/29c16c2bf5866326d5fbc4a537b3997fcac23391
Patch
https://git.kernel.org/stable/c/4837a192f6d06d5bb2f3f47d6ce5353ab69bf86b
Patch
https://git.kernel.org/stable/c/7562780e32b84196731d57dd24563546fcf6d082
Patch
https://git.kernel.org/stable/c/dba849cc98113b145c6e720122942c00b8012bdb
Patch
https://git.kernel.org/stable/c/dfc7f7a988dad34c3bf4c053124fb26aa6c5f916
Patch