CVE-2023-52870
Severity CVSS v4.0:
Pending analysis
Type:
CWE-476
NULL Pointer Dereference
Publication date:
21/05/2024
Last modified:
02/04/2025
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
clk: mediatek: clk-mt6765: Add check for mtk_alloc_clk_data<br />
<br />
Add the check for the return value of mtk_alloc_clk_data() in order to<br />
avoid NULL pointer dereference.
Impact
Base Score 3.x
4.10
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.8 (including) | 5.10.201 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.11 (including) | 5.15.139 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.16 (including) | 6.1.63 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.2 (including) | 6.5.12 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.6 (including) | 6.6.2 (excluding) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/10cc81124407d862f0f747db4baa9c006510b480
- https://git.kernel.org/stable/c/2617aa8ceaf30e41d3eb7f5fef3445542bef193a
- https://git.kernel.org/stable/c/533ca5153ad6c7b7d47ae0114b14d0333964b946
- https://git.kernel.org/stable/c/b5ff3e89b4e7f46ad2aa0de7e08d18e6f87d71bc
- https://git.kernel.org/stable/c/b82681042724924ae3ba0f2f2eeec217fa31e830
- https://git.kernel.org/stable/c/dd1f30d68fa98eb672c0a259297b761656a9025f
- https://git.kernel.org/stable/c/10cc81124407d862f0f747db4baa9c006510b480
- https://git.kernel.org/stable/c/2617aa8ceaf30e41d3eb7f5fef3445542bef193a
- https://git.kernel.org/stable/c/533ca5153ad6c7b7d47ae0114b14d0333964b946
- https://git.kernel.org/stable/c/b5ff3e89b4e7f46ad2aa0de7e08d18e6f87d71bc
- https://git.kernel.org/stable/c/b82681042724924ae3ba0f2f2eeec217fa31e830
- https://git.kernel.org/stable/c/dd1f30d68fa98eb672c0a259297b761656a9025f