CVE-2023-52864

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-52864

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-52864.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-52864

Downstream

BELL-CVE-2023-52864

DEBIAN-CVE-2023-52864

OESA-2024-1693

OESA-2024-1694

OESA-2024-1705

RHSA-2024:5101

RHSA-2024:5102

RHSA-2024:5363

RHSA-2024:5364

RHSA-2024:5365

RHSA-2024:5692

RHSA-2024:6993

SUSE-SU-2024:1979-1

SUSE-SU-2024:1983-1

SUSE-SU-2024:2008-1

SUSE-SU-2024:2011-1

SUSE-SU-2024:2019-1

SUSE-SU-2024:2184-1

SUSE-SU-2024:2189-1

SUSE-SU-2024:2190-1

SUSE-SU-2024:2571-1

SUSE-SU-2024:2896-1

SUSE-SU-2024:2973-1

UBUNTU-CVE-2023-52864

Related

Published

2024-05-21T16:15:23Z

Modified

2025-09-24T00:15:36Z

Severity

7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved:

platform/x86: wmi: Fix opening of char device

Since commit fa1f68db6ca7 ("drivers: misc: pass miscdevice pointer via file private data"), the miscdevice stores a pointer to itself inside filp->privatedata, which means that privatedata will not be NULL when wmicharopen() is called. This might cause memory corruption should wmicharopen() be unable to find its driver, something which can happen when the associated WMI device is deleted in wmifreedevices().

Fix the problem by using the miscdevice pointer to retrieve the WMI device data associated with a char device using containerof(). This also avoids wmichar_open() picking a wrong WMI device bound to a driver with the same name as the original driver.

References

Affected packages