CVE-2023-53250

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions linux (affected versions not specified)

Description The Linux kernel contains a flaw in the dmi-sysfs module related to a null-pointer dereference. A previous patch introduced kobject put() to release memory, which calls dmi sysfs entry release() and list del(). However, list add tail(entry->list) was called after the error block, resulting in an uninitialized list head being deleted. The issue was addressed by moving error handling to after list add tail().

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Access of Uninitialized Pointer

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-824CWE-476

Related Identifiers

BDU:2026-03953

CVE-2023-53250

OESA-2026-1341

SUSE-SU-2025:03614-1

SUSE-SU-2025:03615-1

SUSE-SU-2025:03628-1

SUSE-SU-2025:3716-1

SUSE-SU-2025:3761-1

Affected Products

Astra Linux

Debian

Linux

Suse

CVE-2023-53250

Weakness Enumeration

Related Identifiers

Affected Products

References · 1050