CVE-2023-52833
See a problem?- Source
- https://nvd.nist.gov/vuln/detail/CVE-2023-52833
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-52833.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2023-52833
- Related
- Published
- 2024-05-21T16:15:20Z
- Modified
- 2024-09-18T03:24:39.080937Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: btusb: Add date->evt_skb is NULL check
fix crash because of null pointers
[ 6104.969662] BUG: kernel NULL pointer dereference, address: 00000000000000c8 [ 6104.969667] #PF: supervisor read access in kernel mode [ 6104.969668] #PF: errorcode(0x0000) - not-present page [ 6104.969670] PGD 0 P4D 0 [ 6104.969673] Oops: 0000 [#1] SMP NOPTI [ 6104.969684] RIP: 0010:btusbmtkhciwmtsync+0x144/0x220 [btusb] [ 6104.969688] RSP: 0018:ffffb8d681533d48 EFLAGS: 00010246 [ 6104.969689] RAX: 0000000000000000 RBX: ffff8ad560bb2000 RCX: 0000000000000006 [ 6104.969691] RDX: 0000000000000000 RSI: ffffb8d681533d08 RDI: 0000000000000000 [ 6104.969692] RBP: ffffb8d681533d70 R08: 0000000000000001 R09: 0000000000000001 [ 6104.969694] R10: 0000000000000001 R11: 00000000fa83b2da R12: ffff8ad461d1d7c0 [ 6104.969695] R13: 0000000000000000 R14: ffff8ad459618c18 R15: ffffb8d681533d90 [ 6104.969697] FS: 00007f5a1cab9d40(0000) GS:ffff8ad578200000(0000) knlGS:00000 [ 6104.969699] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 6104.969700] CR2: 00000000000000c8 CR3: 000000018620c001 CR4: 0000000000760ef0 [ 6104.969701] PKRU: 55555554 [ 6104.969702] Call Trace: [ 6104.969708] btusbmtkshutdown+0x44/0x80 [btusb] [ 6104.969732] hcidevdoclose+0x470/0x5c0 [bluetooth] [ 6104.969748] hcirfkillsetblock+0x56/0xa0 [bluetooth] [ 6104.969753] rfkillsetblock+0x92/0x160 [ 6104.969755] rfkillfopwrite+0x136/0x1e0 [ 6104.969759] _vfswrite+0x18/0x40 [ 6104.969761] vfswrite+0xdf/0x1c0 [ 6104.969763] ksyswrite+0xb1/0xe0 [ 6104.969765] _x64syswrite+0x1a/0x20 [ 6104.969769] dosyscall64+0x51/0x180 [ 6104.969771] entrySYSCALL64afterhwframe+0x44/0xa9 [ 6104.969773] RIP: 0033:0x7f5a21f18fef [ 6104.9] RSP: 002b:00007ffeefe39010 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 6104.969780] RAX: ffffffffffffffda RBX: 000055c10a7560a0 RCX: 00007f5a21f18fef [ 6104.969781] RDX: 0000000000000008 RSI: 00007ffeefe39060 RDI: 0000000000000012 [ 6104.969782] RBP: 00007ffeefe39060 R08: 0000000000000000 R09: 0000000000000017 [ 6104.969784] R10: 00007ffeefe38d97 R11: 0000000000000293 R12: 0000000000000002 [ 6104.969785] R13: 00007ffeefe39220 R14: 00007ffeefe391a0 R15: 000055c10a72acf0
- References
-
- https://git.kernel.org/stable/c/0048ddf045bddc4dacb3e783fd869a2f8fb5be30
- https://git.kernel.org/stable/c/13b1ebad4c175e6a9b0748acbf133c21a15d282a
- https://git.kernel.org/stable/c/624820f7c8826dd010e8b1963303c145f99816e9
- https://git.kernel.org/stable/c/9f8e4d1a4ca1179aaeb43f91f3e2a386e7e616b3
- https://git.kernel.org/stable/c/a556f2ef556a04790f67f2fa272f1a77336d15a0
- https://git.kernel.org/stable/c/f9de14bde56dcbb0765284c6dfc35842b021733c
- https://security-tracker.debian.org/tracker/CVE-2023-52833
Affected packages
Debian:11 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.10.205-1
Affected versions
5.*
Debian:12 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed6.1.64-1
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed6.6.8-1