Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
vulnrichmentLinuxVULNRICHMENT:CVE-2023-52457
HistoryFeb 23, 2024 - 2:46 p.m.

CVE-2023-52457 serial: 8250: omap: Don't skip resource freeing if pm_runtime_resume_and_get() failed

2024-02-2314:46:19
Linux
github.com
1
linux kernel
vulnerability
resource freeing

AI Score

6.8

Confidence

Low

SSVC

Exploitation

none

Automatable

no

Technical Impact

partial

JSON

In the Linux kernel, the following vulnerability has been resolved:

serial: 8250: omap: Don’t skip resource freeing if pm_runtime_resume_and_get() failed

Returning an error code from .remove() makes the driver core emit the
little helpful error message:

remove callback returned a non-zero value. This will be ignored.

and then remove the device anyhow. So all resources that were not freed
are leaked in this case. Skipping serial8250_unregister_port() has the
potential to keep enough of the UART around to trigger a use-after-free.

So replace the error return (and with it the little helpful error
message) by a more useful error message and continue to cleanup.

Related

debiancve 1
cvelist 1
prion 1
cve 1
nvd 1
ubuntucve 1
osv 17
redos 1
ubuntu 15
nessus 22
openvas 17
debiancve
debiancve
CVE-2023-52457
2024-02-23 15:15:08
cvelist
cvelist
CVE-2023-52457 serial: 8250: omap: Don't skip resource freeing if pm_runtime_resume_and_get() failed
2024-02-23 14:46:19
prion
prion
Spoofing
2024-02-23 15:15:00
cve
cve
CVE-2023-52457
2024-02-23 15:15:08
nvd
nvd
CVE-2023-52457
2024-02-23 15:15:08
ubuntucve
ubuntucve
CVE-2023-52457
2024-02-23 00:00:00
osv
osv
kernel-devel-6.7.9-1.1 on GA media
2024-06-15 00:00:00
linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-bluefield, linux-gcp, linux-gcp-5.4, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4 vulnerabilities
2024-04-09 13:46:16
linux-iot vulnerabilities
2024-04-16 21:25:54
redos
redos
ROS-20240813-02
2024-08-13 00:00:00
ubuntu
ubuntu
Linux kernel (IoT) vulnerabilities
2024-04-16 00:00:00
Linux kernel vulnerabilities
2024-04-09 00:00:00
Linux kernel (Xilinx ZynqMP) vulnerabilities
2024-04-17 00:00:00
nessus
nessus
Ubuntu 20.04 LTS : Linux kernel (Xilinx ZynqMP) vulnerabilities (USN-6726-3)
2024-04-17 00:00:00
Ubuntu 20.04 LTS : Linux kernel (IoT) vulnerabilities (USN-6726-2)
2024-04-17 00:00:00
Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-6726-1)
2024-04-09 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-6726-3)
2024-04-18 00:00:00
Ubuntu: Security Advisory (USN-6726-1)
2024-04-10 00:00:00
Ubuntu: Security Advisory (USN-6726-2)
2024-04-17 00:00:00

AI Score

6.8

Confidence

Low

SSVC

Exploitation

none

Automatable

no

Technical Impact

partial

JSON
Related for VULNRICHMENT:CVE-2023-52457
debiancve1cvelist1prion1cve1nvd1ubuntucve1osv17redos1ubuntu15nessus22openvas17