CVE-2023-52939

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Mar 27, 2025
Updated: Apr 15, 2025
CWE ID 476

Summary

CVE-2023-52939 is a Linux kernel vulnerability that could result in a NULL pointer dereference. The issue is in the memcg component, specifically in the mem_cgroup_track_foreign_dirty_slowpath() function. When certain conditions are met, hwpoison may forcibly uncharge an LRU page, leaving that page's folio_memcg set to NULL, which mem_cgroup_track_foreign_dirty_slowpath() can then dereference. The vulnerability has been resolved by a commit that makes mem_cgroup_track_foreign_dirty() skip recording foreign writebacks when the memcg is NULL, which prevents the NULL pointer dereference.
