Vulnerability Details : CVE-2023-52789
In the Linux kernel, the following vulnerability has been resolved:
tty: vcc: Add check for kstrdup() in vcc_probe()
Add check for the return value of kstrdup() and return the error, if it
fails in order to avoid NULL pointer dereference.
Vulnerability category: Memory Corruption
Products affected by CVE-2023-52789
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-52789
0.05%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 14 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2023-52789
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
5.5
|
MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
1.8
|
3.6
|
NIST | 2025-01-15 |
CWE ids for CVE-2023-52789
-
The product dereferences a pointer that it expects to be valid but is NULL.Assigned by: nvd@nist.gov (Primary)
References for CVE-2023-52789
-
https://git.kernel.org/stable/c/8f8771757b130383732195497e47fba2aba76d3a
tty: vcc: Add check for kstrdup() in vcc_probe() - kernel/git/stable/linux.git - Linux kernel stable treePatch
-
https://git.kernel.org/stable/c/460284dfb10b207980c6f3f7046e33446ceb38ac
tty: vcc: Add check for kstrdup() in vcc_probe() - kernel/git/stable/linux.git - Linux kernel stable treePatch
-
https://git.kernel.org/stable/c/909963e0c16778cec28efb1affc21558825f4200
tty: vcc: Add check for kstrdup() in vcc_probe() - kernel/git/stable/linux.git - Linux kernel stable treePatch
-
https://git.kernel.org/stable/c/38cd56fc9de78bf3c878790785e8c231116ef9d3
tty: vcc: Add check for kstrdup() in vcc_probe() - kernel/git/stable/linux.git - Linux kernel stable treePatch
-
https://git.kernel.org/stable/c/4a24a31826246b15477399febd13292b0c9f0ee9
tty: vcc: Add check for kstrdup() in vcc_probe() - kernel/git/stable/linux.git - Linux kernel stable treePatch
-
https://git.kernel.org/stable/c/d81ffb87aaa75f842cd7aa57091810353755b3e6
tty: vcc: Add check for kstrdup() in vcc_probe() - kernel/git/stable/linux.git - Linux kernel stable treePatch
-
https://git.kernel.org/stable/c/4ef41a7f33ffe1a335e7db7e1564ddc6afad47cc
tty: vcc: Add check for kstrdup() in vcc_probe() - kernel/git/stable/linux.git - Linux kernel stable treePatch
-
https://git.kernel.org/stable/c/7cebc86481bf16049e266f6774d90f2fd4f8d5d2
tty: vcc: Add check for kstrdup() in vcc_probe() - kernel/git/stable/linux.git - Linux kernel stable treePatch
-
https://git.kernel.org/stable/c/6c80f48912b5bd4965352d1a9a989e21743a4a06
tty: vcc: Add check for kstrdup() in vcc_probe() - kernel/git/stable/linux.git - Linux kernel stable treePatch
Jump to