CVE-2023-52876 : In the Linux kernel, the following vulnerability has been resolved: clk: mediat

In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: clk-mt7629-eth: Add check for mtk_alloc_clk_data Add the check for the return value of mtk_alloc_clk_data() in order to avoid NULL pointer dereference.

Published 2024-05-21 15:32:09

Updated 2025-01-06 20:31:44

Source Linux

View at NVD, CVE.org

Vulnerability category: Memory Corruption

Products affected by CVE-2023-52876

Linux » Linux Kernel
Versions from including (>=) 5.0 and before (<) 5.4.261
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 6.6 and before (<) 6.6.2
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 5.16 and before (<) 6.1.63
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 5.11 and before (<) 5.15.139
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 6.2 and before (<) 6.5.12
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 5.5 and before (<) 5.10.201
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2023-52876

EPSS FAQ

0.05%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 15 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2023-52876

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
5.5	MEDIUM	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H	1.8	3.6	NIST	2025-01-06
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: None Integrity: None Availability: High

CWE ids for CVE-2023-52876

CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2023-52876

https://git.kernel.org/stable/c/a540ca0aeae83c2f3964bcb4e383f64ce2ec1783

clk: mediatek: clk-mt7629-eth: Add check for mtk_alloc_clk_data - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/1639072f6260babd017556e9f236ca2ad589d1e7

clk: mediatek: clk-mt7629-eth: Add check for mtk_alloc_clk_data - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/c4070ada5d5155c8d4d17ea64bd246949889f25b

clk: mediatek: clk-mt7629-eth: Add check for mtk_alloc_clk_data - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/cfa68e0ac5dcde43577adadf6f0f26f3b365ad68

clk: mediatek: clk-mt7629-eth: Add check for mtk_alloc_clk_data - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/0884393c63cc9a1772f7121a6645ba7bd76feeb9

clk: mediatek: clk-mt7629-eth: Add check for mtk_alloc_clk_data - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/b20cfe007a46f8c165d42a05c50a8d3d893e6592

clk: mediatek: clk-mt7629-eth: Add check for mtk_alloc_clk_data - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/96e9544a0c4faca616b3f9f4034dcd83a14e7f22

clk: mediatek: clk-mt7629-eth: Add check for mtk_alloc_clk_data - kernel/git/stable/linux.git - Linux kernel stable tree
Patch

Jump to

Vulnerability Details : CVE-2023-52876

Products affected by CVE-2023-52876

Exploit prediction scoring system (EPSS) score for CVE-2023-52876

CVSS scores for CVE-2023-52876

CWE ids for CVE-2023-52876

References for CVE-2023-52876