5.5
CVE-2023-52789
- EPSS 0.25%
- Veröffentlicht 21.05.2024 16:15:17
- Zuletzt bearbeitet 15.01.2025 17:57:15
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
tty: vcc: Add check for kstrdup() in vcc_probe()
In the Linux kernel, the following vulnerability has been resolved: tty: vcc: Add check for kstrdup() in vcc_probe() Add check for the return value of kstrdup() and return the error, if it fails in order to avoid NULL pointer dereference.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version < 4.14.331
Linux ≫ Linux Kernel Version >= 4.15 < 4.19.300
Linux ≫ Linux Kernel Version >= 4.20 < 5.4.262
Linux ≫ Linux Kernel Version >= 5.5 < 5.10.202
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.140
Linux ≫ Linux Kernel Version >= 5.16 < 6.1.64
Linux ≫ Linux Kernel Version >= 6.2 < 6.5.13
Linux ≫ Linux Kernel Version >= 6.6 < 6.6.3
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.25% | 0.158 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-476 NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.
https://git.kernel.org/stable/c/38cd56fc9de78bf3c878790785e8c231116ef9d3
https://git.kernel.org/stable/c/460284dfb10b207980c6f3f7046e33446ceb38ac
https://git.kernel.org/stable/c/4a24a31826246b15477399febd13292b0c9f0ee9
https://git.kernel.org/stable/c/4ef41a7f33ffe1a335e7db7e1564ddc6afad47cc
https://git.kernel.org/stable/c/6c80f48912b5bd4965352d1a9a989e21743a4a06
https://git.kernel.org/stable/c/7cebc86481bf16049e266f6774d90f2fd4f8d5d2
https://git.kernel.org/stable/c/8f8771757b130383732195497e47fba2aba76d3a
https://git.kernel.org/stable/c/909963e0c16778cec28efb1affc21558825f4200
https://git.kernel.org/stable/c/d81ffb87aaa75f842cd7aa57091810353755b3e6