CVE-2023-52844: media: vidtv: psi: Add check for kstrdup
First published: Tue May 21 2024(Updated: )
In the Linux kernel, the following vulnerability has been resolved: media: vidtv: psi: Add check for kstrdup Add check for the return value of kstrdup() and return the error if it fails in order to avoid NULL pointer dereference.
Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Red Hat Kernel-devel | ||
| Linux Kernel | >=5.10<5.10.201 | |
| Linux Kernel | >=5.11<5.15.139 | |
| Linux Kernel | >=5.16<6.1.63 | |
| Linux Kernel | >=6.2<6.5.12 | |
| Linux Kernel | >=6.6<6.6.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://git.kernel.org/stable/c/3387490c89b10aeb4e71d78b65dbc9ba4b2385b9
- https://git.kernel.org/stable/c/d17269fb9161995303985ab2fe6f16cfb72152f9
- https://git.kernel.org/stable/c/5c26aae3723965c291c65dd2ecad6a3240d422b0
- https://git.kernel.org/stable/c/5cfcc8de7d733a1137b86954cc28ce99972311ad
- https://git.kernel.org/stable/c/a51335704a3f90eaf23a6864faefca34b382490a
- https://git.kernel.org/stable/c/76a2c5df6ca8bd8ada45e953b8c72b746f42918d
Frequently Asked Questions
What is the severity of CVE-2023-52844?
CVE-2023-52844 has been classified as a medium-severity vulnerability.
How do I fix CVE-2023-52844?
To fix CVE-2023-52844, update your Linux kernel to a patched version provided by your distribution.
What systems are affected by CVE-2023-52844?
CVE-2023-52844 affects systems running the Linux kernel, particularly those using the media: vidtv: psi subsystem.
What are the consequences of not addressing CVE-2023-52844?
Not addressing CVE-2023-52844 may lead to potential crashes or unexpected behavior due to NULL pointer dereferencing.
Is CVE-2023-52844 a remote or local vulnerability?
CVE-2023-52844 is considered a local vulnerability that requires access to the affected system to exploit.
- agent/references
- agent/title
- agent/first-publish-date
- agent/type
- agent/description
- agent/author
- agent/severity
- agent/event
- agent/weakness
- collector/mitre-cve
- source/MITRE
- agent/source
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-api
- source/NVD
- agent/remedy
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- vendor/linux
- canonical/red hat kernel-devel
- canonical/linux kernel
- version/linux kernel/5.10
- version/linux kernel/5.11
- version/linux kernel/5.16
- version/linux kernel/6.2
- version/linux kernel/6.6