CVE-2023-52877
Published: May 21, 2024
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: Fix NULL pointer dereference in tcpm_pd_svdm() It is possible that typec_register_partner() returns ERR_PTR on failure. When port->partner is an error, a NULL pointer dereference may occur as shown below. [91222.095236][ T319] typec port0: failed to register partner (-17) ... [91225.061491][ T319] Unable to handle kernel NULL pointer dereference at virtual address 000000000000039f [91225.274642][ T319] pc : tcpm_pd_data_request+0x310/0x13fc [91225.274646][ T319] lr : tcpm_pd_data_request+0x298/0x13fc [91225.308067][ T319] Call trace: [91225.308070][ T319] tcpm_pd_data_request+0x310/0x13fc [91225.308073][ T319] tcpm_pd_rx_handler+0x100/0x9e8 [91225.355900][ T319] kthread_worker_fn+0x178/0x58c [91225.355902][ T319] kthread+0x150/0x200 [91225.355905][ T319] ret_from_fork+0x10/0x30 Add a check for port->partner to avoid dereferencing a NULL pointer.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 5e1d4c49fbc86dab6e005d66f066bd53c9479cde - < e5f53a68a596e04df3fde3099273435a30b6fdacaffected 5e1d4c49fbc86dab6e005d66f066bd53c9479cde - < e7a802447c491903aa7cb45967aa2a934a4e63fcaffected 5e1d4c49fbc86dab6e005d66f066bd53c9479cde - < 9ee038590d808a95d16adf92818dcd4752273c08affected 5e1d4c49fbc86dab6e005d66f066bd53c9479cde - < b37a168c0137156042a0ca9626651b5a789e822baffected 5e1d4c49fbc86dab6e005d66f066bd53c9479cde - < 4987daf86c152ff882d51572d154ad12e4ff3a4b |
Linux | Linux | affected 5.12unaffected 0 - < 5.12unaffected 5.15.138 - <= 5.15.*unaffected 6.1.62 - <= 6.1.*unaffected 6.5.11 - <= 6.5.*+2 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now