QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2023-52915

Back to search

CVE-2023-52915

Published: Sep 6, 2024

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb-v2: af9035: Fix null-ptr-deref in af9035_i2c_master_xfer In af9035_i2c_master_xfer, msg is controlled by user. When msg[i].buf is null and msg[i].len is zero, former checks on msg[i].buf would be passed. Malicious data finally reach af9035_i2c_master_xfer. If accessing msg[i].buf[0] without sanity check, null ptr deref would happen. We add check on msg[i].len to prevent crash. Similar commit: commit 0ed554fd769a ("media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()")

VendorProductVersions

Linux

Linux

affected
7f882c2e353ca58695e9b4fcc9e97a9d4cbcf273 - < b2f54ed7739dfdf42c4df0a11131aad7c8635464
affected
7f882c2e353ca58695e9b4fcc9e97a9d4cbcf273 - < fa58d9db5cad4bb7bb694b6837e3b96d87554f2b
affected
7f882c2e353ca58695e9b4fcc9e97a9d4cbcf273 - < b49c6e5dd236787f13a062ec528d724169f11152
affected
7f882c2e353ca58695e9b4fcc9e97a9d4cbcf273 - < 6c01ef65de0b321b2db1ef9abf8f1d15862b937e
affected
7f882c2e353ca58695e9b4fcc9e97a9d4cbcf273 - < d9ef84a7c222497ecb5fdf93361c76931804825e

+3 more versions

Linux

Linux

affected
3.5
unaffected
0 - < 3.5
unaffected
4.14.326 - <= 4.14.*
unaffected
4.19.295 - <= 4.19.*
unaffected
5.4.257 - <= 5.4.*

+5 more versions

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now