CVE-2023-53244

EPSS 0.02%
Veröffentlicht 15.09.2025 14:46:12
Zuletzt bearbeitet 15.09.2025 15:22:27
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

media: pci: tw68: Fix null-ptr-deref bug in buf prepare and finish

When the driver calls tw68_risc_buffer() to prepare the buffer, the
function call dma_alloc_coherent may fail, resulting in a empty buffer
buf->cpu. Later when we free the buffer or access the buffer, null ptr
deref is triggered.

This bug is similar to the following one:
https://git.linuxtv.org/media_stage.git/commit/?id=2b064d91440b33fba5b452f2d1b31f13ae911d71.

We believe the bug can be also dynamically triggered from user side.
Similarly, we fix this by checking the return value of tw68_risc_buffer()
and the value of buf->cpu before buffer free.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 7

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < dcf632bca424e6ff8c8eb89c96694e7f05cd29b6

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 3c67f49a6643d973e83968ea35806c7b5ae68b56

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 3715c5e9a8f96b6ed0dcbea06da443efccac1ecc

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 1634b7adcc5bef645b3666fdd564e5952a9e24e0

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version <= 5.15.*

Version 5.15.113

Status unaffected

Version <= 6.1.*

Version 6.1.30

Status unaffected

Version <= 6.3.*

Version 6.3.4

Status unaffected

Version <= *

Version 6.4

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.047

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/dcf632bca424e6ff8c8eb89c96694e7f05cd29b6

https://git.kernel.org/stable/c/3c67f49a6643d973e83968ea35806c7b5ae68b56

https://git.kernel.org/stable/c/3715c5e9a8f96b6ed0dcbea06da443efccac1ecc

https://git.kernel.org/stable/c/1634b7adcc5bef645b3666fdd564e5952a9e24e0

https://nvd.nist.gov/vuln/detail/CVE-2023-53244

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-53244

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-53244

EUVD