Vulnerabilities > CVE-2023-52915 - NULL Pointer Dereference vulnerability in Linux Kernel
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb-v2: af9035: Fix null-ptr-deref in af9035_i2c_master_xfer In af9035_i2c_master_xfer, msg is controlled by user. When msg[i].buf is null and msg[i].len is zero, former checks on msg[i].buf would be passed. Malicious data finally reach af9035_i2c_master_xfer. If accessing msg[i].buf[0] without sanity check, null ptr deref would happen. We add check on msg[i].len to prevent crash. Similar commit: commit 0ed554fd769a ("media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()")
Vulnerable Configurations
Common Weakness Enumeration (CWE)
References
- https://git.kernel.org/stable/c/b2f54ed7739dfdf42c4df0a11131aad7c8635464
- https://git.kernel.org/stable/c/fa58d9db5cad4bb7bb694b6837e3b96d87554f2b
- https://git.kernel.org/stable/c/b49c6e5dd236787f13a062ec528d724169f11152
- https://git.kernel.org/stable/c/6c01ef65de0b321b2db1ef9abf8f1d15862b937e
- https://git.kernel.org/stable/c/d9ef84a7c222497ecb5fdf93361c76931804825e
- https://git.kernel.org/stable/c/0143f282b15f7cedc0392ea10050fb6000fd16e6
- https://git.kernel.org/stable/c/41b7181a40af84448a2b144fb02d8bf32b7e9a23
- https://git.kernel.org/stable/c/7bf744f2de0a848fb1d717f5831b03db96feae89