CVE-2023-52472

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2023-52472
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-52472.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-52472
Downstream
Related
Published
2024-02-25T08:16:34Z
Modified
2025-10-21T14:03:45.998609Z
Summary
crypto: rsa - add a check for allocation failure
Details

In the Linux kernel, the following vulnerability has been resolved:

crypto: rsa - add a check for allocation failure

Static checkers insist that the mpi_alloc() allocation can fail so add a check to prevent a NULL dereference. Small allocations like this can't actually fail in current kernels, but adding a check is very simple and makes the static checkers happy.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
6637e11e4ad22ff03183da0dbd36d65c98b81cf7
Fixed
2831f4d3bfa68e64c5f83e96688be779c87b3511
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
6637e11e4ad22ff03183da0dbd36d65c98b81cf7
Fixed
95ad8b6879e2e49d02e3bfc0e1fb46421633fe2a
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
6637e11e4ad22ff03183da0dbd36d65c98b81cf7
Fixed
d872ca165cb67112f2841ef9c37d51ef7e63d1e4

Affected versions

v6.*

v6.4
v6.4-rc2
v6.4-rc3
v6.4-rc4
v6.4-rc5
v6.4-rc6
v6.4-rc7
v6.5
v6.5-rc1
v6.5-rc2
v6.5-rc3
v6.5-rc4
v6.5-rc5
v6.5-rc6
v6.5-rc7
v6.6
v6.6-rc1
v6.6-rc2
v6.6-rc3
v6.6-rc4
v6.6-rc5
v6.6-rc6
v6.6-rc7
v6.6.1
v6.6.10
v6.6.11
v6.6.12
v6.6.13
v6.6.2
v6.6.3
v6.6.4
v6.6.5
v6.6.6
v6.6.7
v6.6.8
v6.6.9
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.7.1

Database specific

vanir_signatures

[
    {
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "281681987625605300526851111576017665795",
                "334079705588388087437512168706977324096",
                "333701904950736895866439348866629523419",
                "296674451905543643141328840570942064877"
            ],
            "threshold": 0.9
        },
        "target": {
            "file": "crypto/rsa.c"
        },
        "id": "CVE-2023-52472-16206988",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d872ca165cb67112f2841ef9c37d51ef7e63d1e4",
        "signature_type": "Line"
    },
    {
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "281681987625605300526851111576017665795",
                "334079705588388087437512168706977324096",
                "333701904950736895866439348866629523419",
                "296674451905543643141328840570942064877"
            ],
            "threshold": 0.9
        },
        "target": {
            "file": "crypto/rsa.c"
        },
        "id": "CVE-2023-52472-69322bd5",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2831f4d3bfa68e64c5f83e96688be779c87b3511",
        "signature_type": "Line"
    },
    {
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "function_hash": "177214536051971316348805378311924141659",
            "length": 331.0
        },
        "target": {
            "function": "rsa_check_exponent_fips",
            "file": "crypto/rsa.c"
        },
        "id": "CVE-2023-52472-6fe6e7d2",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d872ca165cb67112f2841ef9c37d51ef7e63d1e4",
        "signature_type": "Function"
    },
    {
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "function_hash": "177214536051971316348805378311924141659",
            "length": 331.0
        },
        "target": {
            "function": "rsa_check_exponent_fips",
            "file": "crypto/rsa.c"
        },
        "id": "CVE-2023-52472-97f35a95",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@95ad8b6879e2e49d02e3bfc0e1fb46421633fe2a",
        "signature_type": "Function"
    },
    {
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "281681987625605300526851111576017665795",
                "334079705588388087437512168706977324096",
                "333701904950736895866439348866629523419",
                "296674451905543643141328840570942064877"
            ],
            "threshold": 0.9
        },
        "target": {
            "file": "crypto/rsa.c"
        },
        "id": "CVE-2023-52472-c3f78a72",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@95ad8b6879e2e49d02e3bfc0e1fb46421633fe2a",
        "signature_type": "Line"
    },
    {
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "function_hash": "177214536051971316348805378311924141659",
            "length": 331.0
        },
        "target": {
            "function": "rsa_check_exponent_fips",
            "file": "crypto/rsa.c"
        },
        "id": "CVE-2023-52472-cff8f833",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2831f4d3bfa68e64c5f83e96688be779c87b3511",
        "signature_type": "Function"
    }
]

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.5.0
Fixed
6.6.14
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.7.2