CVE-2023-53332

EUVD-2023-59929

16.09.2025, 17:15

In the Linux kernel, the following vulnerability has been resolved:

genirq/ipi: Fix NULL pointer deref in irq_data_get_affinity_mask()

If ipi_send_{mask|single}() is called with an invalid interrupt number, all
the local variables there will be NULL. ipi_send_verify() which is invoked
from these functions does verify its 'data' parameter, resulting in a
kernel oops in irq_data_get_affinity_mask() as the passed NULL pointer gets
dereferenced.

Add a missing NULL pointer check in ipi_send_verify()...

Found by Linux Verification Center (linuxtesting.org) with the SVACE static
analysis tool.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	5.5 MEDIUM	LOCAL	LOW	LOW	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 2%

Affected Products (NVD)

Vendor	Product	Version
linux	linux_kernel	4.6 ≤ 𝑥 < 6.1.18
linux	linux_kernel	6.2 ≤ 𝑥 < 6.2.5

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

linux

bookworm	6.1.148-1 fixed
bookworm (security)	6.1.147-1 fixed
bullseye	vulnerable
bullseye (security)	vulnerable
forky	6.16.3-1 fixed
sid	6.16.7-1 fixed
trixie	6.12.43-1 fixed
trixie (security)	6.12.41-1 fixed

openSUSE / SLES Releases

openSUSE Product

Release

cluster-md-kmp-default

suse enterprise server 12 SP5	4.12.14-122.275.1 fixed
suse enterprise server 15 SP5	5.14.21-150500.55.124.1 fixed

dlm-kmp-default

suse enterprise server 12 SP5	4.12.14-122.275.1 fixed
suse enterprise server 15 SP5	5.14.21-150500.55.124.1 fixed

gfs2-kmp-default

suse enterprise server 12 SP5	4.12.14-122.275.1 fixed
suse enterprise server 15 SP5	5.14.21-150500.55.124.1 fixed

kernel-64kb

suse enterprise server 15 SP5

5.14.21-150500.55.124.1

fixed

kernel-default

suse enterprise server 12 SP5	4.12.14-122.275.1 fixed
suse enterprise server 15 SP5	5.14.21-150500.55.124.1 fixed

kernel-default-base

suse enterprise server 12 SP5	4.12.14-122.275.1 fixed
suse enterprise server 15 SP5	5.14.21-150500.55.124.1.150500.6.59.1 fixed

kernel-default-man

suse enterprise server 12 SP5

4.12.14-122.275.1

fixed

kernel-docs

suse enterprise server 15 SP5

5.14.21-150500.55.124.1

fixed

kernel-macros

suse enterprise server 12 SP5	4.12.14-122.275.1 fixed
suse enterprise server 15 SP5	5.14.21-150500.55.124.1 fixed

kernel-obs-build

suse enterprise server 15 SP5

5.14.21-150500.55.124.1

fixed

kernel-source

suse enterprise server 12 SP5	4.12.14-122.275.1 fixed
suse enterprise server 15 SP5	5.14.21-150500.55.124.1 fixed

kernel-syms

suse enterprise server 12 SP5	4.12.14-122.275.1 fixed
suse enterprise server 15 SP5	5.14.21-150500.55.124.1 fixed

kernel-zfcpdump

suse enterprise server 15 SP5

5.14.21-150500.55.124.1

fixed

ocfs2-kmp-default

suse enterprise server 12 SP5	4.12.14-122.275.1 fixed
suse enterprise server 15 SP5	5.14.21-150500.55.124.1 fixed

reiserfs-kmp-default

suse enterprise server 15 SP5

5.14.21-150500.55.124.1

fixed

Common Weakness Enumeration

CWE-476 - NULL Pointer Dereference
A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.

References

https://git.kernel.org/stable/c/7448c73d64075051f50caed2c62f46553b69ab8a

https://git.kernel.org/stable/c/926aef60ea64cd9becf2829f7388f48dbe8bcb11

https://git.kernel.org/stable/c/feabecaff5902f896531dde90646ca5dfa9d4f7d