CVE-2023-52844
Severity CVSS v4.0:
Pending analysis
Type:
CWE-476
NULL Pointer Dereference
Publication date:
21/05/2024
Last modified:
02/04/2025
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
media: vidtv: psi: Add check for kstrdup<br />
<br />
Add check for the return value of kstrdup() and return the error<br />
if it fails in order to avoid NULL pointer dereference.
Impact
Base Score 3.x
6.20
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.10 (including) | 5.10.201 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.11 (including) | 5.15.139 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.16 (including) | 6.1.63 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.2 (including) | 6.5.12 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.6 (including) | 6.6.2 (excluding) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/3387490c89b10aeb4e71d78b65dbc9ba4b2385b9
- https://git.kernel.org/stable/c/5c26aae3723965c291c65dd2ecad6a3240d422b0
- https://git.kernel.org/stable/c/5cfcc8de7d733a1137b86954cc28ce99972311ad
- https://git.kernel.org/stable/c/76a2c5df6ca8bd8ada45e953b8c72b746f42918d
- https://git.kernel.org/stable/c/a51335704a3f90eaf23a6864faefca34b382490a
- https://git.kernel.org/stable/c/d17269fb9161995303985ab2fe6f16cfb72152f9
- https://git.kernel.org/stable/c/3387490c89b10aeb4e71d78b65dbc9ba4b2385b9
- https://git.kernel.org/stable/c/5c26aae3723965c291c65dd2ecad6a3240d422b0
- https://git.kernel.org/stable/c/5cfcc8de7d733a1137b86954cc28ce99972311ad
- https://git.kernel.org/stable/c/76a2c5df6ca8bd8ada45e953b8c72b746f42918d
- https://git.kernel.org/stable/c/a51335704a3f90eaf23a6864faefca34b382490a
- https://git.kernel.org/stable/c/d17269fb9161995303985ab2fe6f16cfb72152f9