[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2023-52443":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T08:53:30.047Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":20,"aliases":21,"duplicate_of":9,"upstream":22,"downstream":23,"duplicates":86,"related":87,"reserved_at":9,"published_at":106,"modified_at":107,"state":108,"summary":109,"references_raw":118,"kevs":162,"epss":163,"epss_history":166,"metrics":435,"affected":441},"CVE-2023-52443","In the Linux kernel, the following vulnerability has been resolved:\n\napparmor: avoid crash when parsed profile name is empty\n\nWhen processing a packed profile in unpack_profile() described like\n\n \"profile :ns::samba-dcerpcd /usr/lib*/samba/{,samba/}samba-dcerpcd {...}\"\n\na string \":samba-dcerpcd\" is unpacked as a fully-qualified name and then\npassed to aa_splitn_fqname().\n\naa_splitn_fqname() treats \":samba-dcerpcd\" as only containing a namespace.\nThus it returns NULL for tmpname, meanwhile tmpns is non-NULL. Later\naa_alloc_profile() crashes as the new profile name is NULL now.\n\ngeneral protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN NOPTI\nKASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\nCPU: 6 PID: 1657 Comm: apparmor_parser Not tainted 6.7.0-rc2-dirty #16\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.2-3-gd478f380-rebuilt.opensuse.org 04/01/2014\nRIP: 0010:strlen+0x1e/0xa0\nCall Trace:\n \u003CTASK>\n ? strlen+0x1e/0xa0\n aa_policy_init+0x1bb/0x230\n aa_alloc_profile+0xb1/0x480\n unpack_profile+0x3bc/0x4960\n aa_unpack+0x309/0x15e0\n aa_replace_profiles+0x213/0x33c0\n policy_update+0x261/0x370\n profile_replace+0x20e/0x2a0\n vfs_write+0x2af/0xe00\n ksys_write+0x126/0x250\n do_syscall_64+0x46/0xf0\n entry_SYSCALL_64_after_hwframe+0x6e/0x76\n \u003C/TASK>\n---[ end trace 0000000000000000 ]---\nRIP: 0010:strlen+0x1e/0xa0\n\nIt seems such behaviour of aa_splitn_fqname() is expected and checked in\nother places where it is called (e.g. aa_remove_profiles). Well, there\nis an explicit comment \"a ns name without a following profile is allowed\"\ninside.\n\nAFAICS, nothing can prevent unpacked \"name\" to be in form like\n\":samba-dcerpcd\" - it is passed from userspace.\n\nDeny the whole profile set replacement in such case and inform user with\nEPROTO and an explaining message.\n\nFound by Linux Verification Center (linuxtesting.org).",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-476","NULL Pointer Dereference","The product dereferences a pointer that it expects to be valid but is NULL.","weakness","Stable","Base","Medium",[],[],[],[],[24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78,80,82,84],{"_key":25},"SUSE-SU-2024:0856-1",{"_key":27},"SUSE-SU-2024:0857-1",{"_key":29},"SUSE-SU-2024:0900-2",{"_key":31},"SUSE-SU-2024:0900-1",{"_key":33},"SUSE-SU-2024:0925-1",{"_key":35},"SUSE-SU-2024:0926-1",{"_key":37},"SUSE-SU-2024:0975-1",{"_key":39},"SUSE-SU-2024:0976-1",{"_key":41},"SUSE-SU-2024:0855-1",{"_key":43},"SUSE-SU-2024:0858-1",{"_key":45},"SUSE-SU-2024:0910-1",{"_key":47},"SUSE-SU-2024:0977-1",{"_key":49},"DLA-3840-1",{"_key":51},"DLA-3841-1",{"_key":53},"DEBIAN-CVE-2023-52443",{"_key":55},"UBUNTU-CVE-2023-52443",{"_key":57},"USN-6726-1",{"_key":59},"USN-6726-2",{"_key":61},"USN-6726-3",{"_key":63},"USN-6688-1",{"_key":65},"USN-6725-1",{"_key":67},"USN-6725-2",{"_key":69},"USN-6818-1",{"_key":71},"USN-6818-3",{"_key":73},"USN-6818-4",{"_key":75},"USN-6819-1",{"_key":77},"USN-6819-3",{"_key":79},"USN-6819-4",{"_key":81},"USN-6926-1",{"_key":83},"USN-6926-2",{"_key":85},"USN-6926-3",[],[88,89,90,91,92,93,94,95,96,98,100,102,103,104,105],{"_key":25},{"_key":27},{"_key":29},{"_key":31},{"_key":33},{"_key":35},{"_key":37},{"_key":39},{"_key":97},"USN-6765-1",{"_key":99},"USN-6818-2",{"_key":101},"USN-6819-2",{"_key":41},{"_key":43},{"_key":45},{"_key":47},"2024-02-22T16:13:31.154Z","2026-05-11T19:27:25.961Z","Modified",{"cisa_kev":110,"cisa_ransomware":110,"cisa_vendor":9,"epss_severity":111,"epss_score":112,"severity":113,"severity_score":114,"severity_version":115,"severity_source":116,"severity_vector":117,"severity_status":108},false,"low",0.00019,"medium",5.5,"v3.1","nvd","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",[119,125,129,133,137,141,145,149,153,158],{"url":120,"sources":121,"tags":123},"https://git.kernel.org/stable/c/9286ee97aa4803d99185768735011d0d65827c9e",[122,116],"cve.org",[124],"Patch",{"url":126,"sources":127,"tags":128},"https://git.kernel.org/stable/c/1d8e62b5569cc1466ceb8a7e4872cf10160a9dcf",[122,116],[124],{"url":130,"sources":131,"tags":132},"https://git.kernel.org/stable/c/5ff00408e5029d3550ee77f62dc15f1e15c47f87",[122,116],[124],{"url":134,"sources":135,"tags":136},"https://git.kernel.org/stable/c/0a12db736edbb4933e4274932aeea594b5876fa4",[122,116],[124],{"url":138,"sources":139,"tags":140},"https://git.kernel.org/stable/c/9d4fa5fe2b1d56662afd14915a73b4d0783ffa45",[122,116],[124],{"url":142,"sources":143,"tags":144},"https://git.kernel.org/stable/c/5c0392fdafb0a2321311900be83ffa572bef8203",[122,116],[124],{"url":146,"sources":147,"tags":148},"https://git.kernel.org/stable/c/77ab09b92f16c8439a948d1af489196953dc4a0e",[122,116],[124],{"url":150,"sources":151,"tags":152},"https://git.kernel.org/stable/c/55a8210c9e7d21ff2644809699765796d4bfb200",[122,116],[124],{"url":154,"sources":155,"tags":156},"https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html",[122,116],[157],"X Transferred",{"url":159,"sources":160,"tags":161},"https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html",[122,116],[157],[],{"date":164,"score":112,"percentile":165},"2026-06-03",0.05347,[167,171,174,177,180,183,186,189,192,195,198,201,204,207,210,214,217,220,223,226,229,232,235,238,241,244,247,250,253,256,259,262,265,268,270,273,276,279,282,285,288,291,294,297,300,303,306,309,312,315,318,321,324,326,329,331,334,337,340,343,346,349,352,355,358,361,364,367,370,373,376,379,382,385,388,390,393,396,399,402,405,408,411,414,417,420,423,426,429,432],{"date":168,"score":169,"percentile":170},"2025-11-04",0.00021,0.04302,{"date":172,"score":169,"percentile":173},"2025-11-05",0.04311,{"date":175,"score":169,"percentile":176},"2025-11-06",0.0442,{"date":178,"score":169,"percentile":179},"2025-11-07",0.0443,{"date":181,"score":169,"percentile":182},"2025-11-08",0.04434,{"date":184,"score":169,"percentile":185},"2025-11-09",0.04436,{"date":187,"score":169,"percentile":188},"2025-11-10",0.04422,{"date":190,"score":169,"percentile":191},"2025-11-11",0.04456,{"date":193,"score":169,"percentile":194},"2025-11-12",0.04491,{"date":196,"score":169,"percentile":197},"2025-11-13",0.04523,{"date":199,"score":169,"percentile":200},"2025-11-14",0.04541,{"date":202,"score":169,"percentile":203},"2025-11-15",0.04576,{"date":205,"score":169,"percentile":206},"2025-11-16",0.04593,{"date":208,"score":169,"percentile":209},"2025-11-17",0.0458,{"date":211,"score":212,"percentile":213},"2025-11-18",0.00066,0.16182,{"date":215,"score":212,"percentile":216},"2025-11-19",0.16195,{"date":218,"score":212,"percentile":219},"2025-11-20",0.16177,{"date":221,"score":169,"percentile":222},"2025-11-21",0.04608,{"date":224,"score":169,"percentile":225},"2025-11-22",0.04616,{"date":227,"score":169,"percentile":228},"2025-11-23",0.04615,{"date":230,"score":169,"percentile":231},"2025-11-24",0.04588,{"date":233,"score":169,"percentile":234},"2025-11-25",0.04598,{"date":236,"score":169,"percentile":237},"2025-11-26",0.04643,{"date":239,"score":169,"percentile":240},"2025-11-27",0.04656,{"date":242,"score":169,"percentile":243},"2025-11-28",0.04644,{"date":245,"score":169,"percentile":246},"2025-11-29",0.04701,{"date":248,"score":169,"percentile":249},"2025-11-30",0.04706,{"date":251,"score":169,"percentile":252},"2025-12-01",0.04803,{"date":254,"score":169,"percentile":255},"2025-12-02",0.04816,{"date":257,"score":169,"percentile":258},"2025-12-03",0.04842,{"date":260,"score":169,"percentile":261},"2025-12-04",0.04788,{"date":263,"score":169,"percentile":264},"2025-12-05",0.04861,{"date":266,"score":169,"percentile":267},"2025-12-06",0.04877,{"date":269,"score":169,"percentile":267},"2025-12-07",{"date":271,"score":169,"percentile":272},"2025-12-08",0.04879,{"date":274,"score":169,"percentile":275},"2025-12-09",0.04923,{"date":277,"score":169,"percentile":278},"2025-12-10",0.04979,{"date":280,"score":169,"percentile":281},"2025-12-11",0.04963,{"date":283,"score":169,"percentile":284},"2025-12-12",0.04978,{"date":286,"score":169,"percentile":287},"2025-12-13",0.05015,{"date":289,"score":169,"percentile":290},"2025-12-14",0.05005,{"date":292,"score":169,"percentile":293},"2025-12-15",0.04965,{"date":295,"score":169,"percentile":296},"2025-12-16",0.04964,{"date":298,"score":169,"percentile":299},"2025-12-17",0.05022,{"date":301,"score":169,"percentile":302},"2025-12-18",0.05061,{"date":304,"score":169,"percentile":305},"2025-12-19",0.05043,{"date":307,"score":169,"percentile":308},"2025-12-20",0.05045,{"date":310,"score":169,"percentile":311},"2025-12-21",0.05055,{"date":313,"score":169,"percentile":314},"2025-12-22",0.04986,{"date":316,"score":169,"percentile":317},"2025-12-23",0.04996,{"date":319,"score":169,"percentile":320},"2025-12-24",0.05017,{"date":322,"score":169,"percentile":323},"2025-12-25",0.05052,{"date":325,"score":169,"percentile":323},"2025-12-26",{"date":327,"score":169,"percentile":328},"2025-12-27",0.05058,{"date":330,"score":169,"percentile":305},"2025-12-28",{"date":332,"score":169,"percentile":333},"2025-12-29",0.05035,{"date":335,"score":169,"percentile":336},"2025-12-30",0.04974,{"date":338,"score":169,"percentile":339},"2025-12-31",0.04998,{"date":341,"score":169,"percentile":342},"2026-01-01",0.05075,{"date":344,"score":169,"percentile":345},"2026-01-02",0.0507,{"date":347,"score":169,"percentile":348},"2026-01-03",0.05053,{"date":350,"score":169,"percentile":351},"2026-01-04",0.04955,{"date":353,"score":112,"percentile":354},"2026-01-05",0.04158,{"date":356,"score":112,"percentile":357},"2026-01-06",0.04157,{"date":359,"score":112,"percentile":360},"2026-01-07",0.04178,{"date":362,"score":112,"percentile":363},"2026-01-08",0.0421,{"date":365,"score":112,"percentile":366},"2026-01-09",0.04214,{"date":368,"score":112,"percentile":369},"2026-01-10",0.04225,{"date":371,"score":112,"percentile":372},"2026-01-11",0.04208,{"date":374,"score":112,"percentile":375},"2026-01-12",0.04205,{"date":377,"score":112,"percentile":378},"2026-01-13",0.04197,{"date":380,"score":112,"percentile":381},"2026-01-14",0.0424,{"date":383,"score":112,"percentile":384},"2026-01-15",0.04165,{"date":386,"score":112,"percentile":387},"2026-01-16",0.04137,{"date":389,"score":112,"percentile":387},"2026-01-17",{"date":391,"score":112,"percentile":392},"2026-01-18",0.0412,{"date":394,"score":112,"percentile":395},"2026-01-19",0.04068,{"date":397,"score":112,"percentile":398},"2026-01-20",0.04026,{"date":400,"score":112,"percentile":401},"2026-01-21",0.04015,{"date":403,"score":112,"percentile":404},"2026-01-22",0.04019,{"date":406,"score":112,"percentile":407},"2026-01-23",0.0407,{"date":409,"score":112,"percentile":410},"2026-01-24",0.04114,{"date":412,"score":112,"percentile":413},"2026-01-25",0.04105,{"date":415,"score":112,"percentile":416},"2026-01-26",0.04095,{"date":418,"score":112,"percentile":419},"2026-01-27",0.04083,{"date":421,"score":112,"percentile":422},"2026-01-28",0.04066,{"date":424,"score":112,"percentile":425},"2026-01-29",0.04082,{"date":427,"score":112,"percentile":428},"2026-01-30",0.04085,{"date":430,"score":112,"percentile":431},"2026-01-31",0.04067,{"date":433,"score":112,"percentile":434},"2026-02-01",0.04174,[436],{"source":116,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":437,"cvss_v4_0":9},{"baseScore":114,"baseSeverity":438,"vectorString":117,"impactScore":439,"exploitabilityScore":440},"MEDIUM",6,4.6,[442,477],{"ecosystem":9,"name":443,"vendor":444,"product":444,"cpe_part":445,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":446},"Linux","linux","a",[447,454,457,460,463,466,469,472,475],{"version":448,"is_range":449,"range_type":122,"version_start":450,"version_start_type":451,"version_end":452,"version_end_type":453,"fixed_in":9},">= 04dc715e24d0820bf8740e1a1135ed61fe162bc8, \u003C 9286ee97aa4803d99185768735011d0d65827c9e",true,"04dc715e24d0820bf8740e1a1135ed61fe162bc8","including","9286ee97aa4803d99185768735011d0d65827c9e","excluding",{"version":455,"is_range":449,"range_type":122,"version_start":450,"version_start_type":451,"version_end":456,"version_end_type":453,"fixed_in":9},">= 04dc715e24d0820bf8740e1a1135ed61fe162bc8, \u003C 1d8e62b5569cc1466ceb8a7e4872cf10160a9dcf","1d8e62b5569cc1466ceb8a7e4872cf10160a9dcf",{"version":458,"is_range":449,"range_type":122,"version_start":450,"version_start_type":451,"version_end":459,"version_end_type":453,"fixed_in":9},">= 04dc715e24d0820bf8740e1a1135ed61fe162bc8, \u003C 5ff00408e5029d3550ee77f62dc15f1e15c47f87","5ff00408e5029d3550ee77f62dc15f1e15c47f87",{"version":461,"is_range":449,"range_type":122,"version_start":450,"version_start_type":451,"version_end":462,"version_end_type":453,"fixed_in":9},">= 04dc715e24d0820bf8740e1a1135ed61fe162bc8, \u003C 0a12db736edbb4933e4274932aeea594b5876fa4","0a12db736edbb4933e4274932aeea594b5876fa4",{"version":464,"is_range":449,"range_type":122,"version_start":450,"version_start_type":451,"version_end":465,"version_end_type":453,"fixed_in":9},">= 04dc715e24d0820bf8740e1a1135ed61fe162bc8, \u003C 9d4fa5fe2b1d56662afd14915a73b4d0783ffa45","9d4fa5fe2b1d56662afd14915a73b4d0783ffa45",{"version":467,"is_range":449,"range_type":122,"version_start":450,"version_start_type":451,"version_end":468,"version_end_type":453,"fixed_in":9},">= 04dc715e24d0820bf8740e1a1135ed61fe162bc8, \u003C 5c0392fdafb0a2321311900be83ffa572bef8203","5c0392fdafb0a2321311900be83ffa572bef8203",{"version":470,"is_range":449,"range_type":122,"version_start":450,"version_start_type":451,"version_end":471,"version_end_type":453,"fixed_in":9},">= 04dc715e24d0820bf8740e1a1135ed61fe162bc8, \u003C 77ab09b92f16c8439a948d1af489196953dc4a0e","77ab09b92f16c8439a948d1af489196953dc4a0e",{"version":473,"is_range":449,"range_type":122,"version_start":450,"version_start_type":451,"version_end":474,"version_end_type":453,"fixed_in":9},">= 04dc715e24d0820bf8740e1a1135ed61fe162bc8, \u003C 55a8210c9e7d21ff2644809699765796d4bfb200","55a8210c9e7d21ff2644809699765796d4bfb200",{"version":476,"is_range":110,"range_type":122,"version_start":476,"version_start_type":451,"version_end":476,"version_end_type":451,"fixed_in":9},"4.11",{"ecosystem":9,"name":478,"vendor":444,"product":479,"cpe_part":480,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":481},"linux kernel","linux_kernel","o",[482,486,490,494,498,502,506],{"version":483,"is_range":449,"range_type":484,"version_start":9,"version_start_type":9,"version_end":485,"version_end_type":453,"fixed_in":9},"lt4.19.306","cpe","4.19.306",{"version":487,"is_range":449,"range_type":484,"version_start":488,"version_start_type":451,"version_end":489,"version_end_type":453,"fixed_in":9},"gte4.20_lt5.4.268","4.20","5.4.268",{"version":491,"is_range":449,"range_type":484,"version_start":492,"version_start_type":451,"version_end":493,"version_end_type":453,"fixed_in":9},"gte5.5.0_lt5.10.209","5.5.0","5.10.209",{"version":495,"is_range":449,"range_type":484,"version_start":496,"version_start_type":451,"version_end":497,"version_end_type":453,"fixed_in":9},"gte5.11.0_lt5.15.148","5.11.0","5.15.148",{"version":499,"is_range":449,"range_type":484,"version_start":500,"version_start_type":451,"version_end":501,"version_end_type":453,"fixed_in":9},"gte5.16.0_lt6.1.75","5.16.0","6.1.75",{"version":503,"is_range":449,"range_type":484,"version_start":504,"version_start_type":451,"version_end":505,"version_end_type":453,"fixed_in":9},"gte6.2.0_lt6.6.14","6.2.0","6.6.14",{"version":507,"is_range":449,"range_type":484,"version_start":508,"version_start_type":451,"version_end":509,"version_end_type":453,"fixed_in":9},"gte6.7.0_lt6.7.2","6.7.0","6.7.2"]