CVE-2023-52524

Summary

In the Linux kernel, the following vulnerability has been resolved:

net: nfc: llcp: Add lock when modifying device list

The device list needs its associated lock held when modifying it, or the list could become corrupted, as syzbot discovered.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxdd6ff3f3862709ab1a12566e73b9d6a9b8f6e548 < 191d87a19cf1005ecf41e1ae08d74e17379e8391affected
LinuxLinux96f2c6f272ec04083d828de46285a7d7b17d1aad < dba849cc98113b145c6e720122942c00b8012bdbaffected
LinuxLinuxfc8429f8d86801f092fbfbd257c3af821ac0dcd3 < 4837a192f6d06d5bb2f3f47d6ce5353ab69bf86baffected
LinuxLinux425d9d3a92df7d96b3cfb7ee5c240293a21cbde3 < 7562780e32b84196731d57dd24563546fcf6d082affected
LinuxLinux6709d4b7bc2e079241fdef15d1160581c5261c10 < 29c16c2bf5866326d5fbc4a537b3997fcac23391affected
LinuxLinux6709d4b7bc2e079241fdef15d1160581c5261c10 < dfc7f7a988dad34c3bf4c053124fb26aa6c5f916affected
LinuxLinuxb3ad46e155a6d91b36c6e892019a43e3ef3c696daffected
LinuxLinuxe5207c1d69b1a9707615ab6ff9376e59fc096815affected
LinuxLinux5.4.251 < 5.4.258affected
LinuxLinux5.10.188 < 5.10.198affected
LinuxLinux5.15.121 < 5.15.135affected
LinuxLinux6.1.39 < 6.1.57affected
LinuxLinux6.3.13 < 6.4affected
LinuxLinux6.4.4 < 6.5affected
LinuxLinux6.5affected
LinuxLinux0 < 6.5unaffected
LinuxLinux5.4.258 <= 5.4.*unaffected
LinuxLinux5.10.198 <= 5.10.*unaffected
LinuxLinux5.15.135 <= 5.15.*unaffected
LinuxLinux6.1.57 <= 6.1.*unaffected
LinuxLinux6.5.7 <= 6.5.*unaffected
LinuxLinux6.6 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References