CVE-2023-53561

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the Linux kernel’s wwan subsystem, specifically within the iosm component. During a suspend and resume cycle, a NULL pointer dereference can occur during device removal if the ipc imem wwan channel init() function fails to obtain valid device capabilities, preventing resource allocation. Subsequently, attempting to deinitialize the unallocated wwan structure within ipc wwan deinit() leads to the dereference error. The ipc imem run state worker() function has been updated to handle return values and release resources in failure scenarios, also reporting link down events to user space applications for potential device reset.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.