GoogleOSV:CVE-2023-52869

HistoryMay 21, 2024 - 4:15 p.m.

CVE-2023-52869

2024-05-2116:15:00

Google

osv.dev

linux kernel

pstore platform

vulnerability

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.7

Confidence

Low

JSON

In the Linux kernel, the following vulnerability has been resolved: pstore/platform: Add check for kstrdup Add check for the return value of kstrdup() and return the error if it fails in order to avoid NULL pointer dereference.

References

git.kernel.org/linus/a19d48f7c5d57c0f0405a7d4334d1d38fe9d3c1c

git.kernel.org/stable/c/1c426da79f9fc7b761021b5eb44185ba119cd44a

git.kernel.org/stable/c/379b120e4f27fd1cf636a5f85570c4d240a3f688

git.kernel.org/stable/c/63f637309baadf81a095f2653e3b807d4b5814b9

git.kernel.org/stable/c/a19d48f7c5d57c0f0405a7d4334d1d38fe9d3c1c

git.kernel.org/stable/c/ad5cb6deb41417ef41b9d6ff54f789212108606f

git.kernel.org/stable/c/bb166bdae1a7d7db30e9be7e6ccaba606debc05f

ubuntu.com/security/CVE-2023-52869

www.cve.org/CVERecord?id=CVE-2023-52869

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.7

Confidence

Low

JSON

Related for OSV:CVE-2023-52869