CVE-2023-52564
CVSS 3.1 Score 5.5 of 10 (medium)
Details
Summary
CVE-2023-52564 is a vulnerability in the Linux kernel's tty driver. It stems from a commit, since reverted, that was intended to fix a use-after-free (UAF) issue in gsm_cleanup_mux(). That commit cleared a pointer before calling gsm_dlci_release(), but this step is unnecessary because gsm_dlci_free() already clears it. The commit introduced a null pointer dereference, leading to potential crashes and system instability. The vulnerability can be exploited if dlci_put() is called multiple times while the tty driver is still processing, resulting in unintended behavior.
Affected Products
- Linux Kernel
Affected Vendors
- LINUX