CVE-2023-52637
CVSS 3.1 Score 7.8 of 10 (high)
Details
Summary
CVE-2024-26717 is a newly identified vulnerability affecting the Linux kernel's i2c-hid-of driver. The issue is a NULL pointer dereference on power-up failures. The driver was previously split into ACPI and OF parts, and the OF implementation fails to initialize the client pointer, so a NULL pointer is dereferenced when power-up fails. This vulnerability could lead to system crashes or even allow unauthorized access, making it a significant security concern. Patched versions of the affected Linux kernels have been released to address this issue.