CVE-2023-52607
IBM PowerPC Kernel Null Pointer Dereference Vulnerability
Description
In the Linux kernel, the following vulnerability has been resolved: powerpc/mm: Fix null-pointer dereference in pgtable_cache_add kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure. Ensure the allocation was successful by checking the pointer validity.
INFO
Published Date :
March 6, 2024, 7:15 a.m.
Last Modified :
March 14, 2025, 6:47 p.m.
Remotely Exploit :
No
Source :
416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Scores
| Score | Version | Severity | Vector | Exploitability Score | Impact Score | Source |
|---|---|---|---|---|---|---|
| CVSS 3.1 | MEDIUM | 134c704f-9b21-4f2e-91b3-4a467353bcc0 |
Solution
- Update the affected kernel packages.
- Reboot the system after updating.
References to Advisories, Solutions, and Tools
Here, you will find a curated list of external links that provide in-depth
information, practical solutions, and valuable tools related to
CVE-2023-52607.
CWE - Common Weakness Enumeration
While CVE identifies
specific instances of vulnerabilities, CWE categorizes the common flaws or
weaknesses that can lead to vulnerabilities. CVE-2023-52607 is
associated with the following CWEs:
Common Attack Pattern Enumeration and Classification (CAPEC)
Common Attack Pattern Enumeration and Classification
(CAPEC)
stores attack patterns, which are descriptions of the common attributes and
approaches employed by adversaries to exploit the CVE-2023-52607
weaknesses.
We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).
Results are limited to the first 15 repositories due to potential performance issues.
The following list is the news that have been mention
CVE-2023-52607 vulnerability anywhere in the article.
The following table lists the changes that have been made to the
CVE-2023-52607 vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
-
Initial Analysis by [email protected]
Mar. 14, 2025
Action Type Old Value New Value Added CPE Configuration OR *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.7 from (excluding) 6.7.4 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.2 from (excluding) 6.6.16 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.16 from (excluding) 6.1.77 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (excluding) 4.19.307 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 4.20 from (including) 5.4.269 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.11 from (including) 5.15.149 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.5 from (including) 5.10.210 Added Reference Type CVE: https://git.kernel.org/stable/c/145febd85c3bcc5c74d87ef9a598fc7d9122d532 Types: Patch Added Reference Type kernel.org: https://git.kernel.org/stable/c/145febd85c3bcc5c74d87ef9a598fc7d9122d532 Types: Patch Added Reference Type CVE: https://git.kernel.org/stable/c/21e45a7b08d7cd98d6a53c5fc5111879f2d96611 Types: Patch Added Reference Type kernel.org: https://git.kernel.org/stable/c/21e45a7b08d7cd98d6a53c5fc5111879f2d96611 Types: Patch Added Reference Type CVE: https://git.kernel.org/stable/c/aa28eecb43cac6e20ef14dfc50b8892c1fbcda5b Types: Patch Added Reference Type kernel.org: https://git.kernel.org/stable/c/aa28eecb43cac6e20ef14dfc50b8892c1fbcda5b Types: Patch Added Reference Type CVE: https://git.kernel.org/stable/c/ac3ed969a40357b0542d20f096a6d43acdfa6cc7 Types: Patch Added Reference Type kernel.org: https://git.kernel.org/stable/c/ac3ed969a40357b0542d20f096a6d43acdfa6cc7 Types: Patch Added Reference Type CVE: https://git.kernel.org/stable/c/d482d61025e303a2bef3733a011b6b740215cfa1 Types: Patch Added Reference Type kernel.org: https://git.kernel.org/stable/c/d482d61025e303a2bef3733a011b6b740215cfa1 Types: Patch Added Reference Type CVE: https://git.kernel.org/stable/c/f46c8a75263f97bda13c739ba1c90aced0d3b071 Types: Patch Added Reference Type kernel.org: https://git.kernel.org/stable/c/f46c8a75263f97bda13c739ba1c90aced0d3b071 Types: Patch Added Reference Type CVE: https://git.kernel.org/stable/c/f6781add1c311c17eff43e14c786004bbacf901e Types: Patch Added Reference Type kernel.org: https://git.kernel.org/stable/c/f6781add1c311c17eff43e14c786004bbacf901e Types: Patch Added Reference Type CVE: https://git.kernel.org/stable/c/ffd29dc45bc0355393859049f6becddc3ed08f74 Types: Patch Added Reference Type kernel.org: https://git.kernel.org/stable/c/ffd29dc45bc0355393859049f6becddc3ed08f74 Types: Patch Added Reference Type CVE: https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html Types: Patch -
CVE Modified by af854a3a-2127-422b-91ae-364da2661108
Nov. 21, 2024
Action Type Old Value New Value Added Reference https://git.kernel.org/stable/c/145febd85c3bcc5c74d87ef9a598fc7d9122d532 Added Reference https://git.kernel.org/stable/c/21e45a7b08d7cd98d6a53c5fc5111879f2d96611 Added Reference https://git.kernel.org/stable/c/aa28eecb43cac6e20ef14dfc50b8892c1fbcda5b Added Reference https://git.kernel.org/stable/c/ac3ed969a40357b0542d20f096a6d43acdfa6cc7 Added Reference https://git.kernel.org/stable/c/d482d61025e303a2bef3733a011b6b740215cfa1 Added Reference https://git.kernel.org/stable/c/f46c8a75263f97bda13c739ba1c90aced0d3b071 Added Reference https://git.kernel.org/stable/c/f6781add1c311c17eff43e14c786004bbacf901e Added Reference https://git.kernel.org/stable/c/ffd29dc45bc0355393859049f6becddc3ed08f74 Added Reference https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html -
CVE Modified by 134c704f-9b21-4f2e-91b3-4a467353bcc0
Nov. 05, 2024
Action Type Old Value New Value Added CWE CISA-ADP CWE-476 Added CVSS V3.1 CISA-ADP AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H -
CVE Modified by 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Nov. 04, 2024
Action Type Old Value New Value Removed Reference kernel.org https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html -
CVE Modified by 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Jun. 25, 2024
Action Type Old Value New Value Added Reference kernel.org https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html [No types assigned] -
CVE Modified by 416baaa9-dc9f-4396-8d5f-8c081fb06d67
May. 29, 2024
Action Type Old Value New Value -
CVE Modified by 416baaa9-dc9f-4396-8d5f-8c081fb06d67
May. 14, 2024
Action Type Old Value New Value -
CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Mar. 06, 2024
Action Type Old Value New Value Added Description In the Linux kernel, the following vulnerability has been resolved: powerpc/mm: Fix null-pointer dereference in pgtable_cache_add kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure. Ensure the allocation was successful by checking the pointer validity. Added Reference Linux https://git.kernel.org/stable/c/21e45a7b08d7cd98d6a53c5fc5111879f2d96611 [No types assigned] Added Reference Linux https://git.kernel.org/stable/c/f6781add1c311c17eff43e14c786004bbacf901e [No types assigned] Added Reference Linux https://git.kernel.org/stable/c/aa28eecb43cac6e20ef14dfc50b8892c1fbcda5b [No types assigned] Added Reference Linux https://git.kernel.org/stable/c/ac3ed969a40357b0542d20f096a6d43acdfa6cc7 [No types assigned] Added Reference Linux https://git.kernel.org/stable/c/d482d61025e303a2bef3733a011b6b740215cfa1 [No types assigned] Added Reference Linux https://git.kernel.org/stable/c/145febd85c3bcc5c74d87ef9a598fc7d9122d532 [No types assigned] Added Reference Linux https://git.kernel.org/stable/c/ffd29dc45bc0355393859049f6becddc3ed08f74 [No types assigned] Added Reference Linux https://git.kernel.org/stable/c/f46c8a75263f97bda13c739ba1c90aced0d3b071 [No types assigned]