CVE-2023-52690

Summary

In the Linux kernel, the following vulnerability has been resolved:

powerpc/powernv: Add a null pointer check to scom_debug_init_one()

kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure. Add a null pointer check, and release 'ent' to avoid memory leaks.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxbfd2f0d49aef8abfe6bf58f12719f39912993cc6 < f84c1446daa552e9699da8d1f8375eac0f65edc7affected
LinuxLinuxbfd2f0d49aef8abfe6bf58f12719f39912993cc6 < 1eefa93faf69188540b08b024794fa90b1d82e8baffected
LinuxLinuxbfd2f0d49aef8abfe6bf58f12719f39912993cc6 < 2a82c4439b903639e0a1f21990cd399fb0a49c19affected
LinuxLinuxbfd2f0d49aef8abfe6bf58f12719f39912993cc6 < ed8d023cfa97b559db58c0e1afdd2eec7a83d8f2affected
LinuxLinuxbfd2f0d49aef8abfe6bf58f12719f39912993cc6 < dd8422ff271c22058560832fc3006324ded895a9affected
LinuxLinuxbfd2f0d49aef8abfe6bf58f12719f39912993cc6 < a9c05cbb6644a2103c75b6906e9dafb9981ebd13affected
LinuxLinuxbfd2f0d49aef8abfe6bf58f12719f39912993cc6 < 9a260f2dd827bbc82cc60eb4f4d8c22707d80742affected
LinuxLinux5.4affected
LinuxLinux0 < 5.4unaffected
LinuxLinux5.4.268 <= 5.4.*unaffected
LinuxLinux5.10.209 <= 5.10.*unaffected
LinuxLinux5.15.148 <= 5.15.*unaffected
LinuxLinux6.1.75 <= 6.1.*unaffected
LinuxLinux6.6.14 <= 6.6.*unaffected
LinuxLinux6.7.2 <= 6.7.*unaffected
LinuxLinux6.8 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References