Ubuntu.comUB:CVE-2023-52473CVE-2023-52473
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.3 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
In the Linux kernel, the following vulnerability has been resolved:
thermal: core: Fix NULL pointer dereference in zone registration error path
If device_register() in thermal_zone_device_register_with_trips() returns
an error, the tz variable is set to NULL and subsequently dereferenced in
kfree(tz->tzp). Commit adc8749b150c (“thermal/drivers/core: Use
put_device() if device_register() fails”) added the tz = NULL assignment in
question to avoid a possible double-free after dropping the reference to
the zone device. However, after commit 4649620d9404 (“thermal: core: Make
thermal_zone_device_unregister() return after freeing the zone”), that
assignment has become redundant, because dropping the reference to the zone
device does not cause the zone object to be freed any more. Drop it to
address the NULL pointer dereference.
Notes
| Author | Note |
|---|---|
| Priority reason: NULL pointer on device registration error which is very unlikely for an attacker to be able to influence and hence cause. | |
| rodrigo-zaiden | USN-6765-1 for linux-oem-6.5 wrongly stated that this CVE was fixed in version 6.5.0-1022.23. The mentioned notice was revoked and the state of the fix for linux-oem-6.5 was recovered to the previous state. |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 23.10 | noarch | linux | < 6.5.0-41.41 | UNKNOWN |
| ubuntu | 24.04 | noarch | linux | < 6.8.0-7.7 | UNKNOWN |
| ubuntu | 23.10 | noarch | linux-aws | < 6.5.0-1021.21 | UNKNOWN |
| ubuntu | 24.04 | noarch | linux-aws | < any | UNKNOWN |
| ubuntu | 22.04 | noarch | linux-aws-6.5 | < any | UNKNOWN |
| ubuntu | 23.10 | noarch | linux-azure | < 6.5.0-1022.23 | UNKNOWN |
| ubuntu | 24.04 | noarch | linux-azure | < any | UNKNOWN |
| ubuntu | 22.04 | noarch | linux-azure-6.5 | < 6.5.0-1022.23~22.04.1 | UNKNOWN |
| ubuntu | 23.10 | noarch | linux-gcp | < 6.5.0-1022.24 | UNKNOWN |
| ubuntu | 24.04 | noarch | linux-gcp | < any | UNKNOWN |
References
git.kernel.org/linus/04e6ccfc93c5a1aa1d75a537cf27e418895e20ea (6.8-rc1)
launchpad.net/bugs/cve/CVE-2023-52473
nvd.nist.gov/vuln/detail/CVE-2023-52473
security-tracker.debian.org/tracker/CVE-2023-52473
ubuntu.com/security/notices/USN-6818-1
ubuntu.com/security/notices/USN-6818-2
ubuntu.com/security/notices/USN-6818-3
ubuntu.com/security/notices/USN-6818-4
ubuntu.com/security/notices/USN-6819-1
ubuntu.com/security/notices/USN-6819-2
ubuntu.com/security/notices/USN-6819-3
www.cve.org/CVERecord?id=CVE-2023-52473
Related
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.3 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%