PT-2023-8799 · Linux+4 · Linux Kernel+4

Publicado

2023-09-18

·

Atualizado

2025-09-29

·

CVE-2023-52567

CVSS v3.1

5.5

Média

VetorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The issue is related to the Linux kernel's 8250 port component, where an error in handling IRQ data can lead to a kernel NULL pointer dereference. This occurs when the leaf driver uses IRQ polling and the IIR register indicates an interrupt happened in the 8250 hardware, but the IRQ data is NULL. The system may already be awake, and skipping the wake event is necessary to prevent the error. Without the fix, a kernel NULL pointer dereference occurs, leading to a system crash.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

NULL Pointer Dereference

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-476

Identificadores relacionados

ALSA-2025_16880
ALT-PU-2023-8487
BDU:2024-01939
CVE-2023-52567
OESA-2024-1500
OESA-2024-1501
OPENSUSE-SU-2024_1321-1
OPENSUSE-SU-2024_1322-1
OPENSUSE-SU-2024_1322-2
OPENSUSE-SU-2024_1332-1
OPENSUSE-SU-2024_1332-2
OPENSUSE-SU-2024_1466-1
OPENSUSE-SU-2024_1480-1
OPENSUSE-SU-2024_1490-1
SUSE-SU-2024:1320-1
SUSE-SU-2024:1321-1
SUSE-SU-2024:1466-1
SUSE-SU-2024:1480-1
SUSE-SU-2024:1490-1

Produtos afetados

Alt Linux
Astra Linux
Linux Kernel
Red Os
Suse