6.2
MEDIUM
CVE-2023-52838
Linux Kernel Fbdev Imsttfb Uninitialized Resource Leak
Description

In the Linux kernel, the following vulnerability has been resolved: fbdev: imsttfb: fix a resource leak in probe I've re-written the error handling but the bug is that if init_imstt() fails we need to call iounmap(par->cmap_regs).

INFO

Published Date :

May 21, 2024, 4:15 p.m.

Last Modified :

April 2, 2025, 2:57 p.m.

Source :

416baaa9-dc9f-4396-8d5f-8c081fb06d67

Remotely Exploitable :

No

Impact Score :

3.6

Exploitability Score :

2.5
Affected Products

The following products are affected by CVE-2023-52838 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Linux linux_kernel
: Total Affected Vendor : 1 | Products : 1
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2023-52838.

URL Resource
https://git.kernel.org/stable/c/18d26f9baca7d0d309303e3074a2252b8310884a Patch
https://git.kernel.org/stable/c/382e1931e0c9cd58a5a8519cdc6cd9dc4d82b485 Patch
https://git.kernel.org/stable/c/6c66d737b2726ac7784269ddf32a31634f8f269d Patch
https://git.kernel.org/stable/c/7bc7b82fb2191b0d50a80ee4e27030918767dd1d Patch
https://git.kernel.org/stable/c/8e4b510fe91782522b7ca0ca881b663b5d35e513 Patch
https://git.kernel.org/stable/c/a4dfebec32ec6d420a5506dd56a7834c91be28e4 Patch
https://git.kernel.org/stable/c/aba6ab57a910ad4b940c2024d15f2cdbf5b7f76b Patch
https://git.kernel.org/stable/c/b346a531159d08c564a312a9eaeea691704f3c00 Patch
https://git.kernel.org/stable/c/18d26f9baca7d0d309303e3074a2252b8310884a Patch
https://git.kernel.org/stable/c/382e1931e0c9cd58a5a8519cdc6cd9dc4d82b485 Patch
https://git.kernel.org/stable/c/6c66d737b2726ac7784269ddf32a31634f8f269d Patch
https://git.kernel.org/stable/c/7bc7b82fb2191b0d50a80ee4e27030918767dd1d Patch
https://git.kernel.org/stable/c/8e4b510fe91782522b7ca0ca881b663b5d35e513 Patch
https://git.kernel.org/stable/c/a4dfebec32ec6d420a5506dd56a7834c91be28e4 Patch
https://git.kernel.org/stable/c/aba6ab57a910ad4b940c2024d15f2cdbf5b7f76b Patch
https://git.kernel.org/stable/c/b346a531159d08c564a312a9eaeea691704f3c00 Patch

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2023-52838 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2023-52838 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • Initial Analysis by [email protected]

    Apr. 02, 2025

    Action Type Old Value New Value
    Added CPE Configuration OR *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 4.14.322 up to (excluding) 4.15 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.6 up to (excluding) 6.6.2 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 4.19.291 up to (excluding) 4.19.299 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.10.188 up to (excluding) 5.10.201 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.15.116 up to (excluding) 5.15.139 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.4.251 up to (excluding) 5.4.261 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.1.33 up to (excluding) 6.1.63 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.3.7 up to (excluding) 6.5.12
    Added Reference Type CVE: https://git.kernel.org/stable/c/18d26f9baca7d0d309303e3074a2252b8310884a Types: Patch
    Added Reference Type kernel.org: https://git.kernel.org/stable/c/18d26f9baca7d0d309303e3074a2252b8310884a Types: Patch
    Added Reference Type CVE: https://git.kernel.org/stable/c/382e1931e0c9cd58a5a8519cdc6cd9dc4d82b485 Types: Patch
    Added Reference Type kernel.org: https://git.kernel.org/stable/c/382e1931e0c9cd58a5a8519cdc6cd9dc4d82b485 Types: Patch
    Added Reference Type CVE: https://git.kernel.org/stable/c/6c66d737b2726ac7784269ddf32a31634f8f269d Types: Patch
    Added Reference Type kernel.org: https://git.kernel.org/stable/c/6c66d737b2726ac7784269ddf32a31634f8f269d Types: Patch
    Added Reference Type CVE: https://git.kernel.org/stable/c/7bc7b82fb2191b0d50a80ee4e27030918767dd1d Types: Patch
    Added Reference Type kernel.org: https://git.kernel.org/stable/c/7bc7b82fb2191b0d50a80ee4e27030918767dd1d Types: Patch
    Added Reference Type CVE: https://git.kernel.org/stable/c/8e4b510fe91782522b7ca0ca881b663b5d35e513 Types: Patch
    Added Reference Type kernel.org: https://git.kernel.org/stable/c/8e4b510fe91782522b7ca0ca881b663b5d35e513 Types: Patch
    Added Reference Type CVE: https://git.kernel.org/stable/c/a4dfebec32ec6d420a5506dd56a7834c91be28e4 Types: Patch
    Added Reference Type kernel.org: https://git.kernel.org/stable/c/a4dfebec32ec6d420a5506dd56a7834c91be28e4 Types: Patch
    Added Reference Type CVE: https://git.kernel.org/stable/c/aba6ab57a910ad4b940c2024d15f2cdbf5b7f76b Types: Patch
    Added Reference Type kernel.org: https://git.kernel.org/stable/c/aba6ab57a910ad4b940c2024d15f2cdbf5b7f76b Types: Patch
    Added Reference Type CVE: https://git.kernel.org/stable/c/b346a531159d08c564a312a9eaeea691704f3c00 Types: Patch
    Added Reference Type kernel.org: https://git.kernel.org/stable/c/b346a531159d08c564a312a9eaeea691704f3c00 Types: Patch
  • CVE Modified by 134c704f-9b21-4f2e-91b3-4a467353bcc0

    Dec. 04, 2024

    Action Type Old Value New Value
    Added CVSS V3.1 AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
    Added CWE CWE-416
  • CVE Modified by af854a3a-2127-422b-91ae-364da2661108

    Nov. 21, 2024

    Action Type Old Value New Value
    Added Reference https://git.kernel.org/stable/c/18d26f9baca7d0d309303e3074a2252b8310884a
    Added Reference https://git.kernel.org/stable/c/382e1931e0c9cd58a5a8519cdc6cd9dc4d82b485
    Added Reference https://git.kernel.org/stable/c/6c66d737b2726ac7784269ddf32a31634f8f269d
    Added Reference https://git.kernel.org/stable/c/7bc7b82fb2191b0d50a80ee4e27030918767dd1d
    Added Reference https://git.kernel.org/stable/c/8e4b510fe91782522b7ca0ca881b663b5d35e513
    Added Reference https://git.kernel.org/stable/c/a4dfebec32ec6d420a5506dd56a7834c91be28e4
    Added Reference https://git.kernel.org/stable/c/aba6ab57a910ad4b940c2024d15f2cdbf5b7f76b
    Added Reference https://git.kernel.org/stable/c/b346a531159d08c564a312a9eaeea691704f3c00
  • CVE Modified by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    May. 29, 2024

    Action Type Old Value New Value
  • CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    May. 21, 2024

    Action Type Old Value New Value
    Added Description In the Linux kernel, the following vulnerability has been resolved: fbdev: imsttfb: fix a resource leak in probe I've re-written the error handling but the bug is that if init_imstt() fails we need to call iounmap(par->cmap_regs).
    Added Reference kernel.org https://git.kernel.org/stable/c/382e1931e0c9cd58a5a8519cdc6cd9dc4d82b485 [No types assigned]
    Added Reference kernel.org https://git.kernel.org/stable/c/6c66d737b2726ac7784269ddf32a31634f8f269d [No types assigned]
    Added Reference kernel.org https://git.kernel.org/stable/c/a4dfebec32ec6d420a5506dd56a7834c91be28e4 [No types assigned]
    Added Reference kernel.org https://git.kernel.org/stable/c/8e4b510fe91782522b7ca0ca881b663b5d35e513 [No types assigned]
    Added Reference kernel.org https://git.kernel.org/stable/c/7bc7b82fb2191b0d50a80ee4e27030918767dd1d [No types assigned]
    Added Reference kernel.org https://git.kernel.org/stable/c/18d26f9baca7d0d309303e3074a2252b8310884a [No types assigned]
    Added Reference kernel.org https://git.kernel.org/stable/c/b346a531159d08c564a312a9eaeea691704f3c00 [No types assigned]
    Added Reference kernel.org https://git.kernel.org/stable/c/aba6ab57a910ad4b940c2024d15f2cdbf5b7f76b [No types assigned]
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2023-52838 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2023-52838 weaknesses.

CVSS31 - Vulnerability Scoring System
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
:
© cvefeed.io
Latest DB Update: May. 14, 2025 19:08