CVE-2023-52864
Published: May 21, 2024
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: platform/x86: wmi: Fix opening of char device Since commit fa1f68db6ca7 ("drivers: misc: pass miscdevice pointer via file private data"), the miscdevice stores a pointer to itself inside filp->private_data, which means that private_data will not be NULL when wmi_char_open() is called. This might cause memory corruption should wmi_char_open() be unable to find its driver, something which can happen when the associated WMI device is deleted in wmi_free_devices(). Fix the problem by using the miscdevice pointer to retrieve the WMI device data associated with a char device using container_of(). This also avoids wmi_char_open() picking a wrong WMI device bound to a driver with the same name as the original driver.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 44b6b7661132b1b0e5fd3147ded66f1e4a817ca9 - < cf098e937dd125c0317a0d6f261ac2a950a233d6affected 44b6b7661132b1b0e5fd3147ded66f1e4a817ca9 - < 9fb0eed09e1470cd4021ff52b2b9dfcbcee4c203affected 44b6b7661132b1b0e5fd3147ded66f1e4a817ca9 - < d426a2955e45a95b2282764105fcfb110a540453affected 44b6b7661132b1b0e5fd3147ded66f1e4a817ca9 - < e0bf076b734a2fab92d8fddc2b8b03462eee7097affected 44b6b7661132b1b0e5fd3147ded66f1e4a817ca9 - < 44a96796d25809502c75771d40ee693c2e44724e+3 more versions |
Linux | Linux | affected 4.15unaffected 0 - < 4.15unaffected 4.19.299 - <= 4.19.*unaffected 5.4.261 - <= 5.4.*unaffected 5.10.201 - <= 5.10.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now