medium
5.5
CWE
476
EPSS
0.086%
Advisory Published
CVE Published
Updated

CVE-2023-52690: powerpc/powernv: Add a null pointer check to scom_debug_init_one()

First published: Fri May 17 2024(Updated: )

In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv: Add a null pointer check to scom_debug_init_one() kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure. Add a null pointer check, and release 'ent' to avoid memory leaks.

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected SoftwareAffected VersionHow to fix
redhat/kernel<5.4.268
5.4.268
redhat/kernel<5.10.209
5.10.209
redhat/kernel<5.15.148
5.15.148
redhat/kernel<6.1.75
6.1.75
redhat/kernel<6.6.14
6.6.14
redhat/kernel<6.7.2
6.7.2
redhat/kernel<6.8
6.8
>=5.4<5.4.268
>=5.5<5.10.209
>=5.11<5.15.148
>=5.16<6.1.75
>=6.2<6.6.14
>=6.7<6.7.2
=10.0
Linux Kernel>=5.4<5.4.268
Linux Kernel>=5.5<5.10.209
Linux Kernel>=5.11<5.15.148
Linux Kernel>=5.16<6.1.75
Linux Kernel>=6.2<6.6.14
Linux Kernel>=6.7<6.7.2
Debian Linux=10.0
debian/linux
5.10.223-1
5.10.234-1
6.1.129-1
6.1.135-1
6.12.25-1
6.12.27-1

Remedy

https://git.kernel.org/stable/c/1eefa93faf69188540b08b024794fa90b1d82e8b

Remedy

https://git.kernel.org/stable/c/2a82c4439b903639e0a1f21990cd399fb0a49c19

Remedy

https://git.kernel.org/stable/c/9a260f2dd827bbc82cc60eb4f4d8c22707d80742

Remedy

https://git.kernel.org/stable/c/a9c05cbb6644a2103c75b6906e9dafb9981ebd13

Remedy

https://git.kernel.org/stable/c/dd8422ff271c22058560832fc3006324ded895a9

Remedy

https://git.kernel.org/stable/c/ed8d023cfa97b559db58c0e1afdd2eec7a83d8f2

Remedy

https://git.kernel.org/stable/c/f84c1446daa552e9699da8d1f8375eac0f65edc7

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2023-52690?

    CVE-2023-52690 has a medium severity level due to its potential impact on system stability.

  • How do I fix CVE-2023-52690?

    To fix CVE-2023-52690, update the Linux kernel to the appropriate patched version outlined in the remediation section.

  • Which versions of the kernel are affected by CVE-2023-52690?

    CVE-2023-52690 affects several versions of the Linux kernel, specifically versions prior to 5.4.268, 5.10.209, 5.15.148, 6.1.75, 6.6.14, 6.7.2, and 6.8.

  • What is the nature of CVE-2023-52690?

    CVE-2023-52690 is a vulnerability related to a null pointer dereference issue in the Linux kernel's powerpc subsystem.

  • Is CVE-2023-52690 specific to certain distributions?

    Yes, CVE-2023-52690 is reported for the Red Hat and Debian Linux distributions.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203