CVE-2023-52607

Summary

In the Linux kernel, the following vulnerability has been resolved:

powerpc/mm: Fix null-pointer dereference in pgtable_cache_add

kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure. Ensure the allocation was successful by checking the pointer validity.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxa0668cdc154e54bf0c85182e0535eea237d53146 < 21e45a7b08d7cd98d6a53c5fc5111879f2d96611affected
LinuxLinuxa0668cdc154e54bf0c85182e0535eea237d53146 < f6781add1c311c17eff43e14c786004bbacf901eaffected
LinuxLinuxa0668cdc154e54bf0c85182e0535eea237d53146 < aa28eecb43cac6e20ef14dfc50b8892c1fbcda5baffected
LinuxLinuxa0668cdc154e54bf0c85182e0535eea237d53146 < ac3ed969a40357b0542d20f096a6d43acdfa6cc7affected
LinuxLinuxa0668cdc154e54bf0c85182e0535eea237d53146 < d482d61025e303a2bef3733a011b6b740215cfa1affected
LinuxLinuxa0668cdc154e54bf0c85182e0535eea237d53146 < 145febd85c3bcc5c74d87ef9a598fc7d9122d532affected
LinuxLinuxa0668cdc154e54bf0c85182e0535eea237d53146 < ffd29dc45bc0355393859049f6becddc3ed08f74affected
LinuxLinuxa0668cdc154e54bf0c85182e0535eea237d53146 < f46c8a75263f97bda13c739ba1c90aced0d3b071affected
LinuxLinux2.6.33affected
LinuxLinux0 < 2.6.33unaffected
LinuxLinux4.19.307 <= 4.19.*unaffected
LinuxLinux5.4.269 <= 5.4.*unaffected
LinuxLinux5.10.210 <= 5.10.*unaffected
LinuxLinux5.15.149 <= 5.15.*unaffected
LinuxLinux6.1.77 <= 6.1.*unaffected
LinuxLinux6.6.16 <= 6.6.*unaffected
LinuxLinux6.7.4 <= 6.7.*unaffected
LinuxLinux6.8 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References