5.5
CVE-2023-53470
- EPSS 0.15%
- Veröffentlicht 01.10.2025 12:15:49
- Zuletzt bearbeitet 20.01.2026 15:51:57
- CVE-Watchlists
- Unerledigt
ionic: catch failure from devlink_alloc
In the Linux kernel, the following vulnerability has been resolved: ionic: catch failure from devlink_alloc Add a check for NULL on the alloc return. If devlink_alloc() fails and we try to use devlink_priv() on the NULL return, the kernel gets very unhappy and panics. With this fix, the driver load will still fail, but at least it won't panic the kernel.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 5.4 < 5.15.112
Linux ≫ Linux Kernel Version >= 5.16 < 6.1.29
Linux ≫ Linux Kernel Version >= 6.2 < 6.2.16
Linux ≫ Linux Kernel Version >= 6.3 < 6.3.3
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.15% | 0.041 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-476 NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.
https://git.kernel.org/stable/c/0020c16c8af7f4bc9503a2088fb30793b6771fac
https://git.kernel.org/stable/c/0d02efe7f25158c93146e3bb827bc7bb3cd5e71a
https://git.kernel.org/stable/c/4a54903ff68ddb33b6463c94b4eb37fc584ef760
https://git.kernel.org/stable/c/5325f50de5b1433b27dda7ccff5cb7283722a3f1
https://git.kernel.org/stable/c/c177dd465f5c1e5f242cdb9258826c591c257e9a