7.5

CVE-2023-52696

powerpc/powernv: Add a null pointer check in opal_powercap_init()

In the Linux kernel, the following vulnerability has been resolved:

powerpc/powernv: Add a null pointer check in opal_powercap_init()

kasprintf() returns a pointer to dynamically allocated memory
which can be NULL upon failure.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 4.20 < 5.4.268
LinuxLinux Kernel Version >= 5.5 < 5.10.209
LinuxLinux Kernel Version >= 5.11 < 5.15.148
LinuxLinux Kernel Version >= 5.16 < 6.1.75
LinuxLinux Kernel Version >= 6.2 < 6.6.14
LinuxLinux Kernel Version >= 6.7 < 6.7.2
DebianDebian Linux Version10.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.85% 0.534
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html
Third Party Advisory
Mailing List
https://git.kernel.org/stable/c/69f95c5e9220f77ce7c540686b056c2b49e9a664
Patch
https://git.kernel.org/stable/c/6b58d16037217d0c64a2a09b655f370403ec7219
Patch
https://git.kernel.org/stable/c/9da4a56dd3772570512ca58aa8832b052ae910dc
Patch
https://git.kernel.org/stable/c/a67a04ad05acb56640798625e73fa54d6d41cce1
Patch
https://git.kernel.org/stable/c/b02ecc35d01a76b4235e008d2dd292895b28ecab
Patch
https://git.kernel.org/stable/c/e123015c0ba859cf48aa7f89c5016cc6e98e018d
Patch
https://git.kernel.org/stable/c/f152a6bfd187f67afeffc9fd68cbe46f51439be0
Patch