CVE-2023-52675: powerpc/imc-pmu: Add a null pointer check in update_events_in_group()
In the Linux kernel, the following vulnerability has been resolved:
powerpc/imc-pmu: Add a null pointer check in updateeventsingroup()
kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure.
Other sources
In the Linux kernel, the following vulnerability has been resolved:
powerpc/imc-pmu: Add a null pointer check in updateeventsingroup()
The Linux kernel CVE team has assigned CVE-2023-52675 to this issue.
Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024051749-CVE-2023-52675-4d66@gregkh/T
— Red Hat
Linux Kernel is vulnerable to a denial of service, caused by the lack of a null pointer check in updateeventsingroup(). By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service.
— IBM
Affected Software
Remediation
Event History
Frequently Asked Questions
What is the severity of CVE-2023-52675?
CVE-2023-52675 has been classified as a moderate severity vulnerability.
How do I fix CVE-2023-52675?
To resolve CVE-2023-52675, update the Linux kernel to one of the fixed versions provided by your distribution.
Which Linux kernel versions are affected by CVE-2023-52675?
CVE-2023-52675 affects many Linux kernel versions prior to 4.19.306, 5.4.268, 5.10.209, 5.15.148, 6.1.75, and various versions in the 6.x series.
What impact does CVE-2023-52675 have?
CVE-2023-52675 could potentially allow a local user to exploit a null pointer dereference in the Linux kernel.
Are there any known exploits for CVE-2023-52675?
At this time, there are no known public exploits specifically targeting CVE-2023-52675.