CVE-2023-53834

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the Linux kernel's IIO subsystem, specifically within the ina2xx driver, related to a NULL pointer dereference during device tree matching. This occurs when the device tree includes a compatible string, such as "ti,ina232", that is not declared within the driver itself. The issue arises because the I2C device ID information is populated using the first compatible string, potentially leading to a NULL pointer when no matching entry exists in the legacy I2C device ID table. The fix involves utilizing the already populated type variable instead and adding a generic name to the ina2xx config table.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2023-53834

SUSE-SU-2026:0263-1

SUSE-SU-2026:0278-1

SUSE-SU-2026:0281-1

SUSE-SU-2026:0293-1

SUSE-SU-2026:0315-1

SUSE-SU-2026:0317-1

SUSE-SU-2026:0411-1

SUSE-SU-2026:0617-1

SUSE-SU-2026:20477-1

SUSE-SU-2026:20498-1

SUSE-SU-2026:20845-1

SUSE-SU-2026:20876-1

Affected Products

Debian

Linux Kernel

Ina232

CVE-2023-53834

Related Identifiers

Affected Products

References · 2180