CVE-2023-52918

Description

In the Linux kernel, the following vulnerability has been resolved: media: pci: cx23885: check cx23885_vdev_init() return cx23885_vdev_init() can return a NULL pointer, but that pointer is used in the next line without a check. Add a NULL pointer check and go to the error unwind if it is NULL.

CVSS Metrics

• v3.1•MEDIUM•Score: 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS Trends

Current EPSS score: 0.01%• Percentile: 2%

Techniques & Countermeasures

• CWE-476•NULL Pointer Dereference

  The product dereferences a pointer that it expects to be valid but is NULL.

Affected Systems

• linux•linux

  ≥ e47f30b140333525ea682ec672641b470da1e599, < 8e31b096e2e1949bc8f0be019c9ae70d414404c6 | ≥ e47f30b140333525ea682ec672641b470da1e599, < 199a42fc4c45e8b7f19efeb15dbc36889a599ac2 | ≥ e47f30b140333525ea682ec672641b470da1e599, < e7385510e2550a9f8b6f3d5f33c5b894ab9ba976 | ≥ e47f30b140333525ea682ec672641b470da1e599, < a5f1d30c51c485cec7a7de60205667c3ff86c303 | ≥ e47f30b140333525ea682ec672641b470da1e599, < 06ee04a907d64ee3910fecedd05d7f1be4b1b70e | ≥ e47f30b140333525ea682ec672641b470da1e599, < b1397fb4a779fca560c43d2acf6702d41b4a495b | ≥ e47f30b140333525ea682ec672641b470da1e599, < 15126b916e39b0cb67026b0af3c014bfeb1f76b3 | 2.6.25

• linux•linux_kernel

  < 4.19.321 | ≥ 4.20, < 5.4.283 | ≥ 5.5, < 5.10.225 | ≥ 5.11, < 5.15.166 | ≥ 5.16, < 6.1.107 | ≥ 6.2, < 6.6.48

References (8)

• https://git.kernel.org/stable/c/8e31b096e2e1949bc8f0be019c9ae70d414404c6
• https://git.kernel.org/stable/c/199a42fc4c45e8b7f19efeb15dbc36889a599ac2
• https://git.kernel.org/stable/c/e7385510e2550a9f8b6f3d5f33c5b894ab9ba976
• https://git.kernel.org/stable/c/a5f1d30c51c485cec7a7de60205667c3ff86c303
• https://git.kernel.org/stable/c/06ee04a907d64ee3910fecedd05d7f1be4b1b70e
• https://git.kernel.org/stable/c/b1397fb4a779fca560c43d2acf6702d41b4a495b
• https://git.kernel.org/stable/c/15126b916e39b0cb67026b0af3c014bfeb1f76b3
• https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html