CVE-2023-53332
EUVD-2023-5992916.09.2025, 17:15
In the Linux kernel, the following vulnerability has been resolved:
genirq/ipi: Fix NULL pointer deref in irq_data_get_affinity_mask()
If ipi_send_{mask|single}() is called with an invalid interrupt number, all
the local variables there will be NULL. ipi_send_verify() which is invoked
from these functions does verify its 'data' parameter, resulting in a
kernel oops in irq_data_get_affinity_mask() as the passed NULL pointer gets
dereferenced.
Add a missing NULL pointer check in ipi_send_verify()...
Found by Linux Verification Center (linuxtesting.org) with the SVACE static
analysis tool.EnginsightAffected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| linux | linux_kernel | 4.6 ≤ 𝑥 < 6.1.18 |
| linux | linux_kernel | 6.2 ≤ 𝑥 < 6.2.5 |
𝑥
= Vulnerable software versions
Debian Releases
openSUSE / SLES Releases
openSUSE Product | |||||
|---|---|---|---|---|---|
| cluster-md-kmp-default |
| ||||
| dlm-kmp-default |
| ||||
| gfs2-kmp-default |
| ||||
| kernel-64kb |
| ||||
| kernel-default |
| ||||
| kernel-default-base |
| ||||
| kernel-default-man |
| ||||
| kernel-obs-build |
| ||||
| kernel-source |
| ||||
| kernel-zfcpdump |
| ||||
| ocfs2-kmp-default |
| ||||
| reiserfs-kmp-default |
|
Amazon Linux Releases
Amazon Package | |||
|---|---|---|---|
| bpftool |
| ||
| bpftool-debuginfo |
| ||
| kernel |
| ||
| kernel-debuginfo |
| ||
| kernel-debuginfo-common-aarch64 |
| ||
| kernel-debuginfo-common-x86_64 |
| ||
| kernel-devel |
| ||
| kernel-headers |
| ||
| kernel-libbpf |
| ||
| kernel-libbpf-devel |
| ||
| kernel-libbpf-static |
| ||
| kernel-livepatch-6.1.19-30.43 |
| ||
| kernel-tools |
| ||
| kernel-tools-debuginfo |
| ||
| kernel-tools-devel |
| ||
| perf |
| ||
| perf-debuginfo |
| ||
| python3-perf |
| ||
| python3-perf-debuginfo |
|
Common Weakness Enumeration