5.5

CVE-2023-52789

tty: vcc: Add check for kstrdup() in vcc_probe()

In the Linux kernel, the following vulnerability has been resolved:

tty: vcc: Add check for kstrdup() in vcc_probe()

Add check for the return value of kstrdup() and return the error, if it
fails in order to avoid NULL pointer dereference.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 4.14.331
LinuxLinux Kernel Version >= 4.15 < 4.19.300
LinuxLinux Kernel Version >= 4.20 < 5.4.262
LinuxLinux Kernel Version >= 5.5 < 5.10.202
LinuxLinux Kernel Version >= 5.11 < 5.15.140
LinuxLinux Kernel Version >= 5.16 < 6.1.64
LinuxLinux Kernel Version >= 6.2 < 6.5.13
LinuxLinux Kernel Version >= 6.6 < 6.6.3
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.25% 0.158
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://git.kernel.org/stable/c/38cd56fc9de78bf3c878790785e8c231116ef9d3
Patch
https://git.kernel.org/stable/c/460284dfb10b207980c6f3f7046e33446ceb38ac
Patch
https://git.kernel.org/stable/c/4a24a31826246b15477399febd13292b0c9f0ee9
Patch
https://git.kernel.org/stable/c/4ef41a7f33ffe1a335e7db7e1564ddc6afad47cc
Patch
https://git.kernel.org/stable/c/6c80f48912b5bd4965352d1a9a989e21743a4a06
Patch
https://git.kernel.org/stable/c/7cebc86481bf16049e266f6774d90f2fd4f8d5d2
Patch
https://git.kernel.org/stable/c/8f8771757b130383732195497e47fba2aba76d3a
Patch
https://git.kernel.org/stable/c/909963e0c16778cec28efb1affc21558825f4200
Patch
https://git.kernel.org/stable/c/d81ffb87aaa75f842cd7aa57091810353755b3e6
Patch