Risk | Low |
Patch available | YES |
Number of vulnerabilities | 1 |
CVE-ID | CVE-2023-52607 |
CWE-ID | CWE-476 |
Exploitation vector | Local |
Public exploit | N/A |
Vulnerable software Subscribe |
Linux kernel Operating systems & Components / Operating system |
Vendor | Linux Foundation |
Security Bulletin
This security bulletin contains one low risk vulnerability.
EUVDB-ID: #VU90841
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52607
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the pgtable_cache_add() function in arch/powerpc/mm/init-common.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsLinux kernel: All versions
External linkshttp://git.kernel.org/stable/c/21e45a7b08d7cd98d6a53c5fc5111879f2d96611
http://git.kernel.org/stable/c/f6781add1c311c17eff43e14c786004bbacf901e
http://git.kernel.org/stable/c/aa28eecb43cac6e20ef14dfc50b8892c1fbcda5b
http://git.kernel.org/stable/c/ac3ed969a40357b0542d20f096a6d43acdfa6cc7
http://git.kernel.org/stable/c/d482d61025e303a2bef3733a011b6b740215cfa1
http://git.kernel.org/stable/c/145febd85c3bcc5c74d87ef9a598fc7d9122d532
http://git.kernel.org/stable/c/ffd29dc45bc0355393859049f6becddc3ed08f74
http://git.kernel.org/stable/c/f46c8a75263f97bda13c739ba1c90aced0d3b071
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.