CVE-2023-54178

Summary

In the Linux kernel, the following vulnerability has been resolved:

of: unittest: fix null pointer dereferencing in of_unittest_find_node_by_name()

when kmalloc() fail to allocate memory in kasprintf(), name or full_name will be NULL, strcmp() will cause null pointer dereference.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux0d638a07d3a1e98a7598eb2812a6236324e4c55f < c364fa869b33ca42a263bf91c22fce7e6c61d479affected
LinuxLinux0d638a07d3a1e98a7598eb2812a6236324e4c55f < 0b7d715511915a1b39f5fdcbe57a7922dfd66513affected
LinuxLinux0d638a07d3a1e98a7598eb2812a6236324e4c55f < dadf0d0dfcc81cdcb27ba5426676d13a9e4fb925affected
LinuxLinux0d638a07d3a1e98a7598eb2812a6236324e4c55f < f41c65f8d05be734898cbe72af59a401b97d298aaffected
LinuxLinux0d638a07d3a1e98a7598eb2812a6236324e4c55f < ea5bc6f5aa099e3e84d037282836234ad77cba88affected
LinuxLinux0d638a07d3a1e98a7598eb2812a6236324e4c55f < 43cc228099c514467b8074d7ede6673cef9f33b9affected
LinuxLinux0d638a07d3a1e98a7598eb2812a6236324e4c55f < c74ae8124f9687062dd99858f34c9d027ddd73daaffected
LinuxLinux0d638a07d3a1e98a7598eb2812a6236324e4c55f < 2dd8ee9de71ad8447f8459fb01dade7f6c7132daaffected
LinuxLinux0d638a07d3a1e98a7598eb2812a6236324e4c55f < d6ce4f0ea19c32f10867ed93d8386924326ab474affected
LinuxLinux4.14affected
LinuxLinux0 < 4.14unaffected
LinuxLinux4.14.326 <= 4.14.*unaffected
LinuxLinux4.19.295 <= 4.19.*unaffected
LinuxLinux5.4.257 <= 5.4.*unaffected
LinuxLinux5.10.195 <= 5.10.*unaffected
LinuxLinux5.15.132 <= 5.15.*unaffected
LinuxLinux6.1.53 <= 6.1.*unaffected
LinuxLinux6.4.16 <= 6.4.*unaffected
LinuxLinux6.5.3 <= 6.5.*unaffected
LinuxLinux6.6 <= *unaffected

Weaknesses

References