0.0
NA
CVE-2023-52605
CVE-2016-10307 Windows Hyper-V Insecure Direct Object Reference
Description

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

INFO

Published Date :

March 6, 2024, 7:15 a.m.

Last Modified :

March 18, 2024, 3:15 p.m.

Source :

416baaa9-dc9f-4396-8d5f-8c081fb06d67

Remotely Exploitable :

No

Impact Score :

Exploitability Score :

Public PoC/Exploit Available at Github

CVE-2023-52605 has a 1 public PoC/Exploit available at Github. Go to the Public Exploits tab to see the list.

Affected Products

The following products are affected by CVE-2023-52605 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

No affected product recoded yet

: Total Affected Vendor : 0 | Products : 0

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Profile Photo
NaInSec/CVE-LIST

Ini adalah repository kumpulan CVE v.5

allcve cve cvelist newcve

Updated: 1 month, 3 weeks ago
2 stars 0 fork 0 watcher
Born at : March 24, 2024, 3:01 p.m. This repo has been linked 1214 different CVEs too.

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2023-52605 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2023-52605 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Rejected by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    Mar. 18, 2024

    Action Type Old Value New Value
  • CVE Modified by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    Mar. 18, 2024

    Action Type Old Value New Value
    Changed Description In the Linux kernel, the following vulnerability has been resolved: ACPI: extlog: fix NULL pointer dereference check The gcc plugin -fanalyzer [1] tries to detect various patterns of incorrect behaviour. The tool reports: drivers/acpi/acpi_extlog.c: In function ‘extlog_exit’: drivers/acpi/acpi_extlog.c:307:12: warning: check of ‘extlog_l1_addr’ for NULL after already dereferencing it [-Wanalyzer-deref-before-check] | | 306 | ((struct extlog_l1_head *)extlog_l1_addr)->flags &= ~FLAG_OS_OPTIN; | | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~ | | | | | (1) pointer ‘extlog_l1_addr’ is dereferenced here | 307 | if (extlog_l1_addr) | | ~ | | | | | (2) pointer ‘extlog_l1_addr’ is checked for NULL here but it was already dereferenced at (1) | Fix the NULL pointer dereference check in extlog_exit(). Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
    Removed Reference kernel.org https://git.kernel.org/stable/c/b7b33627be0626b16ca321b982d6a2261ef7f703
    Removed Reference kernel.org https://git.kernel.org/stable/c/d2049af7ddbc361702c3e1f09bd6c5e9488454ca
    Removed Reference kernel.org https://git.kernel.org/stable/c/b17a71435e7e153e949df018244a98b4ede04069
    Removed Reference kernel.org https://git.kernel.org/stable/c/5457b0cbaa0238fc56b855c4ef2c0b9cc9c559ab
    Removed Reference kernel.org https://git.kernel.org/stable/c/33650372e3ead97c5ab3b84d9ad97737bc5e00c0
    Removed Reference kernel.org https://git.kernel.org/stable/c/f066171de33d71ff0f7c46bd17636a5a26db3fb6
    Removed Reference kernel.org https://git.kernel.org/stable/c/77846571b3ba6a6125a20ad109bb8514ba884cf9
    Removed Reference kernel.org https://git.kernel.org/stable/c/72d9b9747e78979510e9aafdd32eb99c7aa30dd1
  • CVE Translated by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    Mar. 18, 2024

    Action Type Old Value New Value
    Removed Translation Title: kernel de Linux Description: En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ACPI: extlog: corrige la verificación de desreferencia del puntero NULL El complemento gcc -fanalyzer [1] intenta detectar varios patrones de comportamiento incorrecto. La herramienta informa: drivers/acpi/acpi_extlog.c: En función 'extlog_exit': drivers/acpi/acpi_extlog.c:307:12: advertencia: verificación de 'extlog_l1_addr' para NULL después de desreferenciarlo [-Wanalyzer-deref-before -verificar] | | 306 | ((struct extlog_l1_head *)extlog_l1_addr)->flags &= ~FLAG_OS_OPTIN; | | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~ | | | | | (1) Aquí se elimina la referencia al puntero 'extlog_l1_addr' | 307 | si (extlog_l1_addr) | | ~ | | | | | (2) El puntero 'extlog_l1_addr' está marcado como NULL aquí pero ya se eliminó la referencia en (1) | Corrija la verificación de desreferencia del puntero NULL en extlog_exit().
  • CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    Mar. 06, 2024

    Action Type Old Value New Value
    Added Description In the Linux kernel, the following vulnerability has been resolved: ACPI: extlog: fix NULL pointer dereference check The gcc plugin -fanalyzer [1] tries to detect various patterns of incorrect behaviour. The tool reports: drivers/acpi/acpi_extlog.c: In function ‘extlog_exit’: drivers/acpi/acpi_extlog.c:307:12: warning: check of ‘extlog_l1_addr’ for NULL after already dereferencing it [-Wanalyzer-deref-before-check] | | 306 | ((struct extlog_l1_head *)extlog_l1_addr)->flags &= ~FLAG_OS_OPTIN; | | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~ | | | | | (1) pointer ‘extlog_l1_addr’ is dereferenced here | 307 | if (extlog_l1_addr) | | ~ | | | | | (2) pointer ‘extlog_l1_addr’ is checked for NULL here but it was already dereferenced at (1) | Fix the NULL pointer dereference check in extlog_exit().
    Added Reference Linux https://git.kernel.org/stable/c/b7b33627be0626b16ca321b982d6a2261ef7f703 [No types assigned]
    Added Reference Linux https://git.kernel.org/stable/c/d2049af7ddbc361702c3e1f09bd6c5e9488454ca [No types assigned]
    Added Reference Linux https://git.kernel.org/stable/c/b17a71435e7e153e949df018244a98b4ede04069 [No types assigned]
    Added Reference Linux https://git.kernel.org/stable/c/5457b0cbaa0238fc56b855c4ef2c0b9cc9c559ab [No types assigned]
    Added Reference Linux https://git.kernel.org/stable/c/33650372e3ead97c5ab3b84d9ad97737bc5e00c0 [No types assigned]
    Added Reference Linux https://git.kernel.org/stable/c/f066171de33d71ff0f7c46bd17636a5a26db3fb6 [No types assigned]
    Added Reference Linux https://git.kernel.org/stable/c/77846571b3ba6a6125a20ad109bb8514ba884cf9 [No types assigned]
    Added Reference Linux https://git.kernel.org/stable/c/72d9b9747e78979510e9aafdd32eb99c7aa30dd1 [No types assigned]
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2023-52605 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2023-52605 weaknesses.

NONE - Vulnerability Scoring System
: