CVE-2023-52650

drm/tegra: dsi: Add missing check for of_find_device_by_node

Severity Score

5.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: drm/tegra: dsi: Add missing check for of_find_device_by_node Add check for the return value of of_find_device_by_node() and return
the error if it fails in order to avoid NULL pointer dereference.

En el kernel de Linux, se resolvió la siguiente vulnerabilidad: drm/tegra: dsi: Agregar verificación faltante para of_find_device_by_node Agregue verificación para el valor de retorno de of_find_device_by_node() y devuelva el error si falla para evitar la desreferencia al puntero NULL.

In the Linux kernel, the following vulnerability has been resolved: drm/tegra: dsi: Add missing check for of_find_device_by_node Add check for the return value of of_find_device_by_node() and return the error if it fails in order to avoid NULL pointer dereference.

Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service. It was discovered that the ATA over Ethernet driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code.

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

Single

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-03-06 CVE Reserved
2024-05-01 CVE Published
2024-12-19 CVE Updated
2025-03-18 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (14)

URL	Tag	Source
https://git.kernel.org/stable/c/e94236cde4d519cdecd45e2435defba33abdc99f	Vuln. Introduced
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/47a13d0b9d8527518639ab5c39667f69d6203e80	2024-03-26
https://git.kernel.org/stable/c/f05631a8525c3b5e5994ecb1304d2d878956c0f5	2024-03-26
https://git.kernel.org/stable/c/92003981a6df5dc84af8a5904f8ee112fa324129	2024-03-26
https://git.kernel.org/stable/c/93128052bf832359531c3c0a9e3567b2b8682a2d	2024-03-26
https://git.kernel.org/stable/c/50c0ad785a780c72a2fdaba10b38c645ffb4eae6	2024-03-26
https://git.kernel.org/stable/c/52aa507148c4aad41436e2005d742ffcafad9976	2024-03-26
https://git.kernel.org/stable/c/c5d2342d24ef6e08fc90a529fe3dc59de421a2b9	2024-03-26
https://git.kernel.org/stable/c/3169eaf1365541fd8e521091010c44fbe14691fc	2024-03-26
https://git.kernel.org/stable/c/afe6fcb9775882230cd29b529203eabd5d2a638d	2023-12-14

URL	Date	SRC
https://access.redhat.com/security/cve/CVE-2023-52650	2024-11-12
https://bugzilla.redhat.com/show_bug.cgi?id=2278522	2024-11-12

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.19 < 4.19.311 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.19 < 4.19.311"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.19 < 5.4.273 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.19 < 5.4.273"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.19 < 5.10.214 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.19 < 5.10.214"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.19 < 5.15.153 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.19 < 5.15.153"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.19 < 6.1.83 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.19 < 6.1.83"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.19 < 6.6.23 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.19 < 6.6.23"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.19 < 6.7.11 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.19 < 6.7.11"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.19 < 6.8.2 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.19 < 6.8.2"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.19 < 6.9 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.19 < 6.9"		en		Affected