Main Vulnerability Database SB20240531369

SB20240531369 - NULL pointer dereference in Linux kernel clk mediatek driver

Published: May 31, 2024 Updated: May 14, 2025

Security Bulletin ID SB20240531369

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) NULL pointer dereference (CVE-ID: CVE-2023-52870)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the clk_mt6765_apmixed_probe(), clk_mt6765_top_probe() and clk_mt6765_ifr_probe() functions in drivers/clk/mediatek/clk-mt6765.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://git.kernel.org/stable/c/2617aa8ceaf30e41d3eb7f5fef3445542bef193a
https://git.kernel.org/stable/c/533ca5153ad6c7b7d47ae0114b14d0333964b946
https://git.kernel.org/stable/c/dd1f30d68fa98eb672c0a259297b761656a9025f
https://git.kernel.org/stable/c/10cc81124407d862f0f747db4baa9c006510b480
https://git.kernel.org/stable/c/b5ff3e89b4e7f46ad2aa0de7e08d18e6f87d71bc
https://git.kernel.org/stable/c/b82681042724924ae3ba0f2f2eeec217fa31e830
https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.201
https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.139
https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.63
https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.5.12
https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.2
https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.7