PT-2024-14729 · Linux+4 · Linux Kernel+4

Billy Tsai

Published

2023-10-23

Updated

2026-03-14

CVE-2023-52763

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A kernel panic can occur when accessing DAT data due to the i3c master bus init function attaching I2C devices before I3C bus initialization. The DAT alloc entry is used before the DAT init, and if i3c master bus init fails, the DAT cleanup executes before device detachment, leading to the DAT free entry function being called. This scenario causes the driver to use DAT data when it is NULL.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-158

Related Identifiers

BDU:2025-15439

CVE-2023-52763

OPENSUSE-SU-2024_2189-1

SUSE-SU-2024:2008-1

SUSE-SU-2024:2011-1

SUSE-SU-2024:2019-1

SUSE-SU-2024:2189-1

SUSE-SU-2024:2190-1

SUSE-SU-2024:2571-1

SUSE-SU-2024:2896-1

SUSE-SU-2024:2973-1

SUSE-SU-2025:20008-1

SUSE-SU-2025:20028-1

Affected Products

Astra Linux

Debian

Linux Kernel

Red Os

Suse

PT-2024-14729 · Linux+4 · Linux Kernel+4

CVE-2023-52763

Weakness Enumeration

Related Identifiers

Affected Products

References · 2536