#VU91229 NULL pointer dereference in Linux kernel - CVE-2023-52853
Published: June 5, 2024 / Updated: May 13, 2025
Vulnerability identifier: #VU91229
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2023-52853
CWE-ID: CWE-476
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Linux kernel
Linux kernel
Software vendor:
Linux Foundation
Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the cp2112_gpio_irq_startup() and cp2112_probe() functions in drivers/hid/hid-cp2112.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
External links
- https://git.kernel.org/stable/c/df0daac2709473531d6a3472997cc65301ac06d6
- https://git.kernel.org/stable/c/727203e6e7e7020e1246fc1628cbdb8d90177819
- https://git.kernel.org/stable/c/3d959406c8fff2334d83d0c352d54fd6f5b2e7cd
- https://git.kernel.org/stable/c/012d0c66f9392a99232ac28217229f32dd3a70cf
- https://git.kernel.org/stable/c/bafb12b629b7c3ad59812dd1ac1b0618062e0e38
- https://git.kernel.org/stable/c/fb5718bc67337dde1528661f419ffcf275757592
- https://git.kernel.org/stable/c/eb1121fac7986b30915ba20c5a04cc01fdcf160c
- https://git.kernel.org/stable/c/e3c2d2d144c082dd71596953193adf9891491f42
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.299
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.201
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.139
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.261
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.63
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.5.12
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.2
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.7