5.5

CVE-2023-52869

pstore/platform: Add check for kstrdup

In the Linux kernel, the following vulnerability has been resolved:

pstore/platform: Add check for kstrdup

Add check for the return value of kstrdup() and return the error
if it fails in order to avoid NULL pointer dereference.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.8 < 5.10.201
LinuxLinux Kernel Version >= 5.11 < 5.15.139
LinuxLinux Kernel Version >= 5.16 < 6.1.63
LinuxLinux Kernel Version >= 6.2 < 6.5.12
LinuxLinux Kernel Version >= 6.6 < 6.6.2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.22% 0.127
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://git.kernel.org/stable/c/1c426da79f9fc7b761021b5eb44185ba119cd44a
Patch
https://git.kernel.org/stable/c/379b120e4f27fd1cf636a5f85570c4d240a3f688
Patch
https://git.kernel.org/stable/c/63f637309baadf81a095f2653e3b807d4b5814b9
Patch
https://git.kernel.org/stable/c/a19d48f7c5d57c0f0405a7d4334d1d38fe9d3c1c
Patch
https://git.kernel.org/stable/c/ad5cb6deb41417ef41b9d6ff54f789212108606f
Patch
https://git.kernel.org/stable/c/bb166bdae1a7d7db30e9be7e6ccaba606debc05f
Patch