PT-2023-9707 · Linux+3 · Linux Kernel+3

Tomi Valkeinen

Publicado

2023-09-05

Atualizado

2025-02-03

CVE-2023-52856

CVSS v3.1

5.5

Média

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.5.0-rc2+

Description The vulnerability is related to the lt8912b driver in the Linux kernel, which causes a crash on bridge detach due to a NULL pointer dereference. The driver's bridge detach function calls drm connector unregister() and drm connector cleanup(), but these functions should only be called for connectors explicitly registered with drm connector register(), which is not the case in lt8912b. This results in a kernel crash.

Recommendations To resolve the issue, update the Linux kernel to a version that includes the fix for the vulnerability. Specifically, versions prior to 6.5.0-rc2+ are affected, so updating to 6.5.0-rc2+ or later will resolve the issue.

At the moment, there is no information about a newer version that contains a fix for this vulnerability, other than updating to 6.5.0-rc2+ or later.

Exploit

Correção

NULL Pointer Dereference

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-476

Identificadores relacionados

BDU:2024-10209

CVE-2023-52856

OPENSUSE-SU-2024_2189-1

SUSE-SU-2024:2008-1

SUSE-SU-2024:2011-1

SUSE-SU-2024:2019-1

SUSE-SU-2024:2189-1

SUSE-SU-2024:2190-1

SUSE-SU-2024:2571-1

SUSE-SU-2024:2896-1

SUSE-SU-2024:2973-1

SUSE-SU-2025:20008-1

SUSE-SU-2025:20028-1

Produtos afetados

Astra Linux

Linux Kernel

Red Os

Suse

PT-2023-9707 · Linux+3 · Linux Kernel+3

CVE-2023-52856

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 2537