-

CVE-2023-53480

EPSS 0.03%
Veröffentlicht 01.10.2025 12:15:50
Zuletzt bearbeitet 02.10.2025 19:12:17
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

kobject: Add sanity check for kset->kobj.ktype in kset_register()

When I register a kset in the following way:
	static struct kset my_kset;
	kobject_set_name(&my_kset.kobj, "my_kset");
        ret = kset_register(&my_kset);

A null pointer dereference exception is occurred:
[ 4453.568337] Unable to handle kernel NULL pointer dereference at \
virtual address 0000000000000028
... ...
[ 4453.810361] Call trace:
[ 4453.813062]  kobject_get_ownership+0xc/0x34
[ 4453.817493]  kobject_add_internal+0x98/0x274
[ 4453.822005]  kset_register+0x5c/0xb4
[ 4453.825820]  my_kobj_init+0x44/0x1000 [my_kset]
... ...

Because I didn't initialize my_kset.kobj.ktype.

According to the description in Documentation/core-api/kobject.rst:
 - A ktype is the type of object that embeds a kobject.  Every structure
   that embeds a kobject needs a corresponding ktype.

So add sanity check to make sure kset->kobj.ktype is not NULL.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 11

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 1792eac72e27f676bf9ebde28a5afea627fb85f0

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 039ec9db2d30032eafa365f5f89b30eca5322b05

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 964e025ceefdf75da46b0133d0c2790de451aeec

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 5df5829158513134ddcaf2184d9286eda7b0bb18

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < f3f6bf22a4f5ba649cf26ae4670de5c7f861bdef

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 48aebbe801e78a8932404c122ed0e880ccedc220

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 1a772881bc059c596d8ca587cbd2a233edce3d3b

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 4d0fe8c52bb3029d83e323c961221156ab98680b

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version <= 4.14.*

Version 4.14.326

Status unaffected

Version <= 4.19.*

Version 4.19.295

Status unaffected

Version <= 5.4.*

Version 5.4.257

Status unaffected

Version <= 5.10.*

Version 5.10.197

Status unaffected

Version <= 5.15.*

Version 5.15.133

Status unaffected

Version <= 6.1.*

Version 6.1.55

Status unaffected

Version <= 6.5.*

Version 6.5.5

Status unaffected

Version <= *

Version 6.6

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.081

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/039ec9db2d30032eafa365f5f89b30eca5322b05

https://git.kernel.org/stable/c/1792eac72e27f676bf9ebde28a5afea627fb85f0

https://git.kernel.org/stable/c/1a772881bc059c596d8ca587cbd2a233edce3d3b

https://git.kernel.org/stable/c/48aebbe801e78a8932404c122ed0e880ccedc220

https://git.kernel.org/stable/c/4d0fe8c52bb3029d83e323c961221156ab98680b

https://git.kernel.org/stable/c/5df5829158513134ddcaf2184d9286eda7b0bb18

https://git.kernel.org/stable/c/964e025ceefdf75da46b0133d0c2790de451aeec

https://git.kernel.org/stable/c/f3f6bf22a4f5ba649cf26ae4670de5c7f861bdef

https://nvd.nist.gov/vuln/detail/CVE-2023-53480

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-53480

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-53480

EUVD