CVE-2023-52904

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix possible NULL pointer dereference in snd_usb_pcm_has_fixed_rate() The subs function argument may be NULL, so do not use it before the NULL check.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/92a9c0ad86d47ff4cce899012e355c400f02cfb8	Patch
https://git.kernel.org/stable/c/a474d4ad59cd4642d1b7e3a6c08cef9eca0992c8	Patch
https://git.kernel.org/stable/c/f57204edc10760c935d8d36ea999dc8acf018030

Configurations

Configuration 1 (hide)

cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*

History

17 Oct 2024, 14:15

Type	Values Removed	Values Added
References		() https://git.kernel.org/stable/c/f57204edc10760c935d8d36ea999dc8acf018030 -

12 Sep 2024, 17:22

Type	Values Removed	Values Added
CWE		CWE-476
References	~~() https://git.kernel.org/stable/c/92a9c0ad86d47ff4cce899012e355c400f02cfb8 -~~	() https://git.kernel.org/stable/c/92a9c0ad86d47ff4cce899012e355c400f02cfb8 - Patch
References	~~() https://git.kernel.org/stable/c/a474d4ad59cd4642d1b7e3a6c08cef9eca0992c8 -~~	() https://git.kernel.org/stable/c/a474d4ad59cd4642d1b7e3a6c08cef9eca0992c8 - Patch
First Time		Linux linux Kernel Linux
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
CPE		cpe:2.3:o:linux:linux_kernel:-:::::::*

21 Aug 2024, 12:30

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-08-21 07:15

Updated : 2024-10-17 14:15

NVD link : CVE-2023-52904

Mitre link : CVE-2023-52904

CVE.ORG link : CVE-2023-52904

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-476

NULL Pointer Dereference

5.5 /10