CVE-2023-52858

clk: mediatek: clk-mt7629: Add check for mtk_alloc_clk_data

Severity Score

6.2

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved:

clk: mediatek: clk-mt7629: Add check for mtk_alloc_clk_data

Add the check for the return value of mtk_alloc_clk_data() in order to
avoid NULL pointer dereference.

En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: clk: mediatek: clk-mt7629: Agregar verificación para mtk_alloc_clk_data. Agregue la verificación para el valor de retorno de mtk_alloc_clk_data() para evitar la desreferencia al puntero NULL.

*Credits: N/A

CVSS Scores

CISAv3.1 6.2

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-05-21 CVE Reserved
2024-05-21 CVE Published
2024-05-22 EPSS Updated
2024-08-02 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-476: NULL Pointer Dereference

CAPEC

References (8)

URL	Tag	Source
https://git.kernel.org/stable/c/3b5e748615e714711220b2a95d19bd25a037db09	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/e8ae4b49dd9cfde69d8de8c0c0cd7cf1b004482e	2023-11-20
https://git.kernel.org/stable/c/4f861b63945e076f9f003a5fad958174096df1ee	2023-11-20
https://git.kernel.org/stable/c/e964d21dc034b650d719c4ea39564bec72b42f94	2023-11-20
https://git.kernel.org/stable/c/a836efc21ef04608333d6d05753e558ebd1f85d0	2023-11-20
https://git.kernel.org/stable/c/1d89430fc3158f872d492f1b88d07262f48290c0	2023-11-20
https://git.kernel.org/stable/c/5fbea47eebff5daeca7d918c99289bcd3ae4dc8d	2023-11-20
https://git.kernel.org/stable/c/2befa515c1bb6cdd33c262b909d93d1973a219aa	2023-10-19

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.0 < 5.4.261 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.0 < 5.4.261"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.0 < 5.10.201 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.0 < 5.10.201"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.0 < 5.15.139 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.0 < 5.15.139"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.0 < 6.1.63 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.0 < 6.1.63"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.0 < 6.5.12 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.0 < 6.5.12"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.0 < 6.6.2 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.0 < 6.6.2"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.0 < 6.7 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.0 < 6.7"		en		Affected