CVE-2023-52470 - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: drm/radeon: check the alloc_workqueue return value in radeon_crtc_init() check the alloc_workqueue return value in radeon_crtc_init() to avoid null-ptr-deref.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Linux	Linux Kernel

Configuration 1 [-]

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

References

Link	Resource
https://git.kernel.org/stable/c/0b813a6a0087451cb702b6eb841f10856f49d088	Patch
https://git.kernel.org/stable/c/14bbfaa5df273b26cde6707f6e655585700e6fe1	Patch
https://git.kernel.org/stable/c/21b1645660717d6126dd4866c850fcc5c4703a41	Patch
https://git.kernel.org/stable/c/57ca7984806d79b38af528de88fd803babf27feb	Patch
https://git.kernel.org/stable/c/5d12c5d75f7c78b83a738025947651ec5c95b4d4	Patch
https://git.kernel.org/stable/c/7a2464fac80d42f6f8819fed97a553e9c2f43310	Patch
https://git.kernel.org/stable/c/c4ff55408187f2595066967047363ca84e76db85	Patch
https://git.kernel.org/stable/c/fb2d8bc9b5e55848b8a7c3c028e2ee8d49f28f97	Patch
https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html
https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: Linux

Published: 2024-02-25T08:16:33.636Z

Updated: 2024-05-28T19:50:01.946Z

Reserved: 2024-02-20T12:30:33.297Z

Link: CVE-2023-52470

JSON object: View

NVD Information

Status : Modified

Published: 2024-02-26T16:27:48.820

Modified: 2024-06-27T13:15:53.093

Link: CVE-2023-52470

JSON object: View

Redhat Information

No data.

CWE

CWE-476

{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2023-52470", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-02-20T12:30:33.297Z", "datePublished": "2024-02-25T08:16:33.636Z", "dateUpdated": "2024-05-28T19:50:01.946Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-05-28T19:50:01.946Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/radeon: check the alloc_workqueue return value in radeon_crtc_init()\n\ncheck the alloc_workqueue return value in radeon_crtc_init()\nto avoid null-ptr-deref."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/radeon/radeon_display.c"], "versions": [{"version": "fa7f517cb26e", "lessThan": "21b164566071", "status": "affected", "versionType": "git"}, {"version": "fa7f517cb26e", "lessThan": "5d12c5d75f7c", "status": "affected", "versionType": "git"}, {"version": "fa7f517cb26e", "lessThan": "57ca7984806d", "status": "affected", "versionType": "git"}, {"version": "fa7f517cb26e", "lessThan": "14bbfaa5df27", "status": "affected", "versionType": "git"}, {"version": "fa7f517cb26e", "lessThan": "c4ff55408187", "status": "affected", "versionType": "git"}, {"version": "fa7f517cb26e", "lessThan": "0b813a6a0087", "status": "affected", "versionType": "git"}, {"version": "fa7f517cb26e", "lessThan": "fb2d8bc9b5e5", "status": "affected", "versionType": "git"}, {"version": "fa7f517cb26e", "lessThan": "7a2464fac80d", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/radeon/radeon_display.c"], "versions": [{"version": "3.16", "status": "affected"}, {"version": "0", "lessThan": "3.16", "status": "unaffected", "versionType": "custom"}, {"version": "4.19.306", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.4.268", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.10.209", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.15.148", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.1.75", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.6.14", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.7.2", "lessThanOrEqual": "6.7.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.8", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/21b1645660717d6126dd4866c850fcc5c4703a41"}, {"url": "https://git.kernel.org/stable/c/5d12c5d75f7c78b83a738025947651ec5c95b4d4"}, {"url": "https://git.kernel.org/stable/c/57ca7984806d79b38af528de88fd803babf27feb"}, {"url": "https://git.kernel.org/stable/c/14bbfaa5df273b26cde6707f6e655585700e6fe1"}, {"url": "https://git.kernel.org/stable/c/c4ff55408187f2595066967047363ca84e76db85"}, {"url": "https://git.kernel.org/stable/c/0b813a6a0087451cb702b6eb841f10856f49d088"}, {"url": "https://git.kernel.org/stable/c/fb2d8bc9b5e55848b8a7c3c028e2ee8d49f28f97"}, {"url": "https://git.kernel.org/stable/c/7a2464fac80d42f6f8819fed97a553e9c2f43310"}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html"}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"}], "title": "drm/radeon: check the alloc_workqueue return value in radeon_crtc_init()", "x_generator": {"engine": "bippy-a5840b7849dd"}}}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "4CCC29CC-47BF-4450-B416-B4D8D169DF0F", "versionEndExcluding": "4.19.306", "versionStartIncluding": "3.16.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "35ADF607-EDCA-45AB-8FB6-9F2D40D47C0C", "versionEndExcluding": "5.4.268", "versionStartIncluding": "4.20.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "5D2E4F24-2FBB-4434-8598-2B1499E566B5", "versionEndExcluding": "5.10.209", "versionStartIncluding": "5.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "E25E1389-4B0F-407A-9C94-5908FF3EE88B", "versionEndExcluding": "5.15.148", "versionStartIncluding": "5.11.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "2C4951FA-80C0-4B4C-9836-6E5035DEB0F9", "versionEndExcluding": "6.1.75", "versionStartIncluding": "5.16.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "BDBBEB0E-D13A-4567-8984-51C5375350B9", "versionEndExcluding": "6.6.14", "versionStartIncluding": "6.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "0EA3778C-730B-464C-8023-18CA6AC0B807", "versionEndExcluding": "6.7.2", "versionStartIncluding": "6.7.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/radeon: check the alloc_workqueue return value in radeon_crtc_init()\n\ncheck the alloc_workqueue return value in radeon_crtc_init()\nto avoid null-ptr-deref."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/radeon: verifique el valor de retorno de alloc_workqueue en radeon_crtc_init() verifique el valor de retorno de alloc_workqueue en radeon_crtc_init() para evitar null-ptr-deref."}], "id": "CVE-2023-52470", "lastModified": "2024-06-27T13:15:53.093", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-02-26T16:27:48.820", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/0b813a6a0087451cb702b6eb841f10856f49d088"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/14bbfaa5df273b26cde6707f6e655585700e6fe1"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/21b1645660717d6126dd4866c850fcc5c4703a41"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/57ca7984806d79b38af528de88fd803babf27feb"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/5d12c5d75f7c78b83a738025947651ec5c95b4d4"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/7a2464fac80d42f6f8819fed97a553e9c2f43310"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/c4ff55408187f2595066967047363ca84e76db85"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/fb2d8bc9b5e55848b8a7c3c028e2ee8d49f28f97"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "nvd@nist.gov", "type": "Primary"}]}