PT-2024-14781 · Linux+7 · Linux Kernel+7

Sicong Huang

·

Published

2024-02-05

·

Updated

2026-03-14

·

CVE-2023-52918

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.48
Description A null pointer dereference issue has been identified in the Linux kernel, specifically in the cx23885 vdev init() function. This function can return a NULL pointer, which is then used without a check, potentially leading to a system crash. Local attackers may exploit this issue to crash the system.
Recommendations For Linux kernel versions prior to 6.6.48, upgrade the kernel to a version that includes the fix for this issue, such as version 6.6.48 or later. As a temporary workaround, consider adding a NULL pointer check in the cx23885 vdev init() function to prevent the null pointer dereference.

Exploit

Fix

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

ALSA-2025_16880
ALT-PU-2024-12535
ALT-PU-2024-14046
BDU:2025-01983
CVE-2023-52918
DLA-4008-1
OESA-2024-2321
OESA-2024-2322
OESA-2024-2323
OESA-2024-2324
OESA-2024-2325
OPENSUSE-SU-2024_3984-1
OPENSUSE-SU-2024_3986-1
OPENSUSE-SU-2024_4315-1
OPENSUSE-SU-2024_4376-1
SUSE-SU-2024:3984-1
SUSE-SU-2024:3986-1
SUSE-SU-2024:4100-1
SUSE-SU-2024:4315-1
SUSE-SU-2024:4318-1
SUSE-SU-2024:4364-1
SUSE-SU-2024:4376-1
SUSE-SU-2024:4387-1
SUSE-SU-2025:0034-1
SUSE-SU-2025:20163-1
SUSE-SU-2025:20164-1
SUSE-SU-2025:20246-1
SUSE-SU-2025:20247-1
USN-7088-1
USN-7088-2
USN-7088-3
USN-7088-4
USN-7088-5
USN-7100-1
USN-7100-2
USN-7119-1
USN-7123-1
USN-7144-1
USN-7154-1
USN-7154-2
USN-7155-1
USN-7156-1
USN-7194-1
USN-7196-1

Affected Products

Alt Linux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu