← Back to CVEs
CVE-2023-52573
MEDIUM5.5
Description
In the Linux kernel, the following vulnerability has been resolved: net: rds: Fix possible NULL-pointer dereference In rds_rdma_cm_event_handler_cmn() check, if conn pointer exists before dereferencing it as rdma_set_service_type() argument Found by Linux Verification Center (linuxtesting.org) with SVACE.
CVE Details
CVSS v3.1 Score5.5
SeverityMEDIUM
CVSS VectorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack VectorLOCAL
ComplexityLOW
Privileges RequiredLOW
User InteractionNONE
Published3/2/2024
Last Modified12/11/2024
Sourcenvd
Honeypot Sightings0
Affected Products
linux:linux_kernel
Weaknesses (CWE)
CWE-476
References
https://git.kernel.org/stable/c/069ac51c37a6f07a51f7134d8c34289075786a35(416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://git.kernel.org/stable/c/51fa66024a5eabf270164f2dc82a48ffb35a12e9(416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://git.kernel.org/stable/c/812da2a08dc5cc75fb71e29083ea20904510ac7a(416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://git.kernel.org/stable/c/ea82139e6e3561100d38d14401d57c0ea93fc07e(416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://git.kernel.org/stable/c/f1d95df0f31048f1c59092648997686e3f7d9478(416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://git.kernel.org/stable/c/f515112e833791001aaa8ab886af3ca78503617f(416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://git.kernel.org/stable/c/069ac51c37a6f07a51f7134d8c34289075786a35(af854a3a-2127-422b-91ae-364da2661108)
https://git.kernel.org/stable/c/51fa66024a5eabf270164f2dc82a48ffb35a12e9(af854a3a-2127-422b-91ae-364da2661108)
https://git.kernel.org/stable/c/812da2a08dc5cc75fb71e29083ea20904510ac7a(af854a3a-2127-422b-91ae-364da2661108)
https://git.kernel.org/stable/c/ea82139e6e3561100d38d14401d57c0ea93fc07e(af854a3a-2127-422b-91ae-364da2661108)
https://git.kernel.org/stable/c/f1d95df0f31048f1c59092648997686e3f7d9478(af854a3a-2127-422b-91ae-364da2661108)
https://git.kernel.org/stable/c/f515112e833791001aaa8ab886af3ca78503617f(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.