PT-2024-14780 · Linux+6 · Linux Kernel+6
Published
2024-09-20
·
Updated
2025-06-09
·
CVE-2023-52917
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 6.6.58
Description
A critical vulnerability in the Linux kernel has been identified, specifically in the 'ntb: intel' section, related to the debugfs create dir() function. This function returns error pointers and never returns NULL, so it should be checked using IS ERR(). The vulnerability poses significant risks and allows potential exploitation. Users are urged to update to the latest kernel version to mitigate risks.
Recommendations
To resolve the issue, update to Linux kernel version 6.6.58 or later. As a temporary workaround, consider restricting access to the debugfs create dir() function until a patch is available. Ensure your systems are updated to the latest patch to mitigate risks. For detailed remediation steps, check the official patch details.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Debian
Linuxmint
Linux Kernel
Red Hat
Suse
Ubuntu