CVE-2023-53364

EUVD-2023-59962

17.09.2025, 15:15

In the Linux kernel, the following vulnerability has been resolved:

regulator: da9063: better fix null deref with partial DT

Two versions of the original patch were sent but V1 was merged instead
of V2 due to a mistake.

So update to V2.

The advantage of V2 is that it completely avoids dereferencing the pointer,
even just to take the address, which may fix problems with some compilers.
Both versions work on my gcc 9.4 but use the safer one.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	5.5 MEDIUM	LOCAL	LOW	LOW	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CISA-ADP	ADP	5.5 MEDIUM	LOCAL	LOW	LOW	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 3%

Affected Products (NVD)

Vendor	Product	Version
linux	linux_kernel	6.4.7 ≤ 𝑥 < 6.4.12
linux	linux_kernel	6.5:rc3
linux	linux_kernel	6.5:rc4
linux	linux_kernel	6.5:rc5
linux	linux_kernel	6.5:rc6

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

linux

bookworm	6.1.148-1 not-affected
bookworm (security)	6.1.147-1 fixed
bullseye	5.10.223-1 not-affected
bullseye (security)	5.10.237-1 fixed
forky	6.16.7-1 fixed
sid	6.16.7-1 fixed
trixie	6.12.43-1 fixed
trixie (security)	6.12.41-1 fixed

Common Weakness Enumeration

CWE-476 - NULL Pointer Dereference
A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.

References

https://git.kernel.org/stable/c/30c694fd4a99fbbc4115d180156ca01b60953371

https://git.kernel.org/stable/c/aa402a3b553bd4829f4504058d53b0351c66c9d4