PT-2023-8775 · Linux+7 · Linux Kernel+7

Publicado

2023-12-05

·

Atualizado

2025-09-29

·

CVE-2023-52462

CVSS v3.1

5.5

Média

VetorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The issue is related to a function in the Linux kernel that incorrectly checks a register when it is spilled onto a stack. This can potentially allow an attacker to impact the integrity of protected information. The problem arises when a register is spilled onto a stack as a 1/2/4-byte register, and the slot type array is not properly consulted to determine if a stack slot has a spilled register. To resolve this, a helper function is spilled reg() can be used.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

NULL Pointer Dereference

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-476CWE-19

Identificadores relacionados

ALSA-2025_12746
ALSA-2025_12752
ALSA-2025_12753
ALSA-2025_16880
ALT-PU-2024-17576
BDU:2024-01865
CVE-2023-52462
DLA-3841-1
INFSA-2024_9315
OESA-2024-1396
OESA-2024-1397
OPENSUSE-SU-2024_1322-1
OPENSUSE-SU-2024_1322-2
OPENSUSE-SU-2024_1466-1
OPENSUSE-SU-2024_1480-1
RHSA-2024:9315
RHSA-2024_9315
SUSE-SU-2024:0855-1
SUSE-SU-2024:1466-1
SUSE-SU-2024:1480-1
USN-6688-1
USN-6725-1
USN-6725-2
USN-6765-1
USN-6818-1
USN-6818-2
USN-6818-3
USN-6818-4
USN-6819-1
USN-6819-2
USN-6819-3
USN-6819-4

Produtos afetados

Alt Linux
Astra Linux
Linuxmint
Linux Kernel
Red Hat
Red Os
Suse
Ubuntu