SB20240531337 - NULL pointer dereference in Linux kernel clk mediatek driver
Published: May 31, 2024 Updated: May 14, 2025
Security Bulletin ID
SB20240531337
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) NULL pointer dereference (CVE-ID: CVE-2023-52873)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the clk_mt6779_apmixed_probe() and clk_mt6779_top_probe() functions in drivers/clk/mediatek/clk-mt6779.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/fbe466f06d4ea18745da0d57540539b7b36936ae
- https://git.kernel.org/stable/c/3994387ba3564976731179c4d4a6d7850ddda71a
- https://git.kernel.org/stable/c/ca6d565a2319d69d9766e6ecbb5af827fc4afb2b
- https://git.kernel.org/stable/c/df1c4a9efa3f5b6fb5e0ae63890230dbe2190b7e
- https://git.kernel.org/stable/c/a90239551abc181687f8c0ba60b276f7d75c141e
- https://git.kernel.org/stable/c/f6a7c51cf07a399ec067d39f0a22f1817c5c7d2b
- https://git.kernel.org/stable/c/1f57f78fbacf630430bf954e5a84caafdfea30c0
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.201
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.139
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.261
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.63
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.5.12
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.2
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.7