CVE-2023-52919

Summary

In the Linux kernel, the following vulnerability has been resolved:

nfc: nci: fix possible NULL pointer dereference in send_acknowledge()

Handle memory allocation failure from nci_skb_alloc() (calling alloc_skb()) to avoid possible NULL pointer dereference.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux391d8a2da787257aeaf952c974405b53926e3fb3 < 2b2edf089df3a69f0072c6e71563394c5a94e62eaffected
LinuxLinux391d8a2da787257aeaf952c974405b53926e3fb3 < 5622592f8f74ae3e594379af02e64ea84772d0ddaffected
LinuxLinux391d8a2da787257aeaf952c974405b53926e3fb3 < 76050b0cc5a72e0c7493287b7e18e1cb9e3c4612affected
LinuxLinux391d8a2da787257aeaf952c974405b53926e3fb3 < c95fa5b20fe03609e0894656fa43c18045b5097eaffected
LinuxLinux391d8a2da787257aeaf952c974405b53926e3fb3 < ffdc881f68073ff86bf21afb9bb954812e8278beaffected
LinuxLinux391d8a2da787257aeaf952c974405b53926e3fb3 < d7dbdbe3800a908eecd4975c31be47dd45e2104aaffected
LinuxLinux391d8a2da787257aeaf952c974405b53926e3fb3 < bb6cacc439ddd2cd51227ab193f4f91cfc7f014faffected
LinuxLinux391d8a2da787257aeaf952c974405b53926e3fb3 < 7937609cd387246aed994e81aa4fa951358fba41affected
LinuxLinux3.11affected
LinuxLinux0 < 3.11unaffected
LinuxLinux4.14.328 <= 4.14.*unaffected
LinuxLinux4.19.297 <= 4.19.*unaffected
LinuxLinux5.4.259 <= 5.4.*unaffected
LinuxLinux5.10.199 <= 5.10.*unaffected
LinuxLinux5.15.137 <= 5.15.*unaffected
LinuxLinux6.1.60 <= 6.1.*unaffected
LinuxLinux6.5.9 <= 6.5.*unaffected
LinuxLinux6.6 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References