SB2024050815 - Local denial of service in Linux kernel mfd syscon
Published: May 8, 2024
Security Bulletin ID
SB2024050815
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) NULL pointer dereference (CVE-ID: CVE-2023-52467)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the of_syscon_register() function in drivers/mfd/syscon.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/927626a2073887ee30ba00633260d4d203f8e875
- https://git.kernel.org/stable/c/c3e3a2144bf50877551138ffce9f7aa6ddfe385b
- https://git.kernel.org/stable/c/527e8c5f3d00299822612c495d5adf1f8f43c001
- https://git.kernel.org/stable/c/3ef1130deee98997275904d9bfc37af75e1e906c
- https://git.kernel.org/stable/c/7f2c410ac470959b88e03dadd94b7a0b71df7973
- https://git.kernel.org/stable/c/41673c66b3d0c09915698fec5c13b24336f18dd1