OpenCVE

In the Linux kernel, the following vulnerability has been resolved: net: rds: Fix possible NULL-pointer dereference In rds_rdma_cm_event_handler_cmn() check, if conn pointer exists before dereferencing it as rdma_set_service_type() argument Found by Linux Verification Center (linuxtesting.org) with SVACE.

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required High

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/069ac51c37a6f07a51f7134d8c34289075786a35
https://git.kernel.org/stable/c/51fa66024a5eabf270164f2dc82a48ffb35a12e9
https://git.kernel.org/stable/c/812da2a08dc5cc75fb71e29083ea20904510ac7a
https://git.kernel.org/stable/c/ea82139e6e3561100d38d14401d57c0ea93fc07e
https://git.kernel.org/stable/c/f1d95df0f31048f1c59092648997686e3f7d9478
https://git.kernel.org/stable/c/f515112e833791001aaa8ab886af3ca78503617f
https://lore.kernel.org/linux-cve-announce/2024030256-CVE-2023-52573-531c@gregkh/T/#u
https://nvd.nist.gov/vuln/detail/CVE-2023-52573
https://www.cve.org/CVERecord?id=CVE-2023-52573

History

Mon, 04 Nov 2024 13:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-03-02T21:59:42.627Z

Updated: 2024-11-04T14:49:00.335Z

Reserved: 2024-03-02T21:55:42.568Z

Link: CVE-2023-52573

Vulnrichment

Updated: 2024-08-02T23:03:20.876Z

NVD

Status : Awaiting Analysis

Published: 2024-03-02T22:15:49.350

Modified: 2024-11-21T08:40:06.067

Link: CVE-2023-52573

Redhat

Severity : Low

Publid Date: 2024-03-02T00:00:00Z

Links: CVE-2023-52573 - Bugzilla

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-52573", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-03-02T21:55:42.568Z", "datePublished": "2024-03-02T21:59:42.627Z", "dateUpdated": "2024-11-04T14:49:00.335Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-04T14:49:00.335Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: rds: Fix possible NULL-pointer dereference\n\nIn rds_rdma_cm_event_handler_cmn() check, if conn pointer exists\nbefore dereferencing it as rdma_set_service_type() argument\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/rds/rdma_transport.c"], "versions": [{"version": "fd261ce6a30e", "lessThan": "812da2a08dc5", "status": "affected", "versionType": "git"}, {"version": "fd261ce6a30e", "lessThan": "f515112e8337", "status": "affected", "versionType": "git"}, {"version": "fd261ce6a30e", "lessThan": "ea82139e6e35", "status": "affected", "versionType": "git"}, {"version": "fd261ce6a30e", "lessThan": "51fa66024a5e", "status": "affected", "versionType": "git"}, {"version": "fd261ce6a30e", "lessThan": "069ac51c37a6", "status": "affected", "versionType": "git"}, {"version": "fd261ce6a30e", "lessThan": "f1d95df0f310", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/rds/rdma_transport.c"], "versions": [{"version": "5.1", "status": "affected"}, {"version": "0", "lessThan": "5.1", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.258", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.198", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.134", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.56", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.5.6", "lessThanOrEqual": "6.5.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/812da2a08dc5cc75fb71e29083ea20904510ac7a"}, {"url": "https://git.kernel.org/stable/c/f515112e833791001aaa8ab886af3ca78503617f"}, {"url": "https://git.kernel.org/stable/c/ea82139e6e3561100d38d14401d57c0ea93fc07e"}, {"url": "https://git.kernel.org/stable/c/51fa66024a5eabf270164f2dc82a48ffb35a12e9"}, {"url": "https://git.kernel.org/stable/c/069ac51c37a6f07a51f7134d8c34289075786a35"}, {"url": "https://git.kernel.org/stable/c/f1d95df0f31048f1c59092648997686e3f7d9478"}], "title": "net: rds: Fix possible NULL-pointer dereference", "x_generator": {"engine": "bippy-9e1c9544281a"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-25T19:52:45.818038Z", "id": "CVE-2023-52573", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-25T19:53:00.338Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T23:03:20.876Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/812da2a08dc5cc75fb71e29083ea20904510ac7a", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/f515112e833791001aaa8ab886af3ca78503617f", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ea82139e6e3561100d38d14401d57c0ea93fc07e", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/51fa66024a5eabf270164f2dc82a48ffb35a12e9", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/069ac51c37a6f07a51f7134d8c34289075786a35", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/f1d95df0f31048f1c59092648997686e3f7d9478", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/812da2a08dc5cc75fb71e29083ea20904510ac7a", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/f515112e833791001aaa8ab886af3ca78503617f", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ea82139e6e3561100d38d14401d57c0ea93fc07e", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/51fa66024a5eabf270164f2dc82a48ffb35a12e9", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/069ac51c37a6f07a51f7134d8c34289075786a35", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/f1d95df0f31048f1c59092648997686e3f7d9478", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T23:03:20.876Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-52573", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-07-25T19:52:45.818038Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-25T19:52:57.933Z"}}], "cna": {"title": "net: rds: Fix possible NULL-pointer dereference", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "fd261ce6a30e", "lessThan": "812da2a08dc5", "versionType": "git"}, {"status": "affected", "version": "fd261ce6a30e", "lessThan": "f515112e8337", "versionType": "git"}, {"status": "affected", "version": "fd261ce6a30e", "lessThan": "ea82139e6e35", "versionType": "git"}, {"status": "affected", "version": "fd261ce6a30e", "lessThan": "51fa66024a5e", "versionType": "git"}, {"status": "affected", "version": "fd261ce6a30e", "lessThan": "069ac51c37a6", "versionType": "git"}, {"status": "affected", "version": "fd261ce6a30e", "lessThan": "f1d95df0f310", "versionType": "git"}], "programFiles": ["net/rds/rdma_transport.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "5.1"}, {"status": "unaffected", "version": "0", "lessThan": "5.1", "versionType": "semver"}, {"status": "unaffected", "version": "5.4.258", "versionType": "semver", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.198", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.134", "versionType": "semver", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.56", "versionType": "semver", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.5.6", "versionType": "semver", "lessThanOrEqual": "6.5.*"}, {"status": "unaffected", "version": "6.6", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["net/rds/rdma_transport.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/812da2a08dc5cc75fb71e29083ea20904510ac7a"}, {"url": "https://git.kernel.org/stable/c/f515112e833791001aaa8ab886af3ca78503617f"}, {"url": "https://git.kernel.org/stable/c/ea82139e6e3561100d38d14401d57c0ea93fc07e"}, {"url": "https://git.kernel.org/stable/c/51fa66024a5eabf270164f2dc82a48ffb35a12e9"}, {"url": "https://git.kernel.org/stable/c/069ac51c37a6f07a51f7134d8c34289075786a35"}, {"url": "https://git.kernel.org/stable/c/f1d95df0f31048f1c59092648997686e3f7d9478"}], "x_generator": {"engine": "bippy-9e1c9544281a"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: rds: Fix possible NULL-pointer dereference\n\nIn rds_rdma_cm_event_handler_cmn() check, if conn pointer exists\nbefore dereferencing it as rdma_set_service_type() argument\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-04T14:49:00.335Z"}}}, "cveMetadata": {"cveId": "CVE-2023-52573", "state": "PUBLISHED", "dateUpdated": "2024-11-04T14:49:00.335Z", "dateReserved": "2024-03-02T21:55:42.568Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-03-02T21:59:42.627Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: rds: Fix possible NULL-pointer dereference\n\nIn rds_rdma_cm_event_handler_cmn() check, if conn pointer exists\nbefore dereferencing it as rdma_set_service_type() argument\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: rds: corrige la posible desreferencia del puntero NULL. En rds_rdma_cm_event_handler_cmn(), verifique si el puntero de conexi\u00f3n existe antes de desreferenciarlo como argumento rdma_set_service_type() Encontrado por el Centro de verificaci\u00f3n de Linux (linuxtesting.org) con SVACE."}], "id": "CVE-2023-52573", "lastModified": "2024-11-21T08:40:06.067", "metrics": {}, "published": "2024-03-02T22:15:49.350", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/069ac51c37a6f07a51f7134d8c34289075786a35"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/51fa66024a5eabf270164f2dc82a48ffb35a12e9"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/812da2a08dc5cc75fb71e29083ea20904510ac7a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/ea82139e6e3561100d38d14401d57c0ea93fc07e"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/f1d95df0f31048f1c59092648997686e3f7d9478"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/f515112e833791001aaa8ab886af3ca78503617f"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/069ac51c37a6f07a51f7134d8c34289075786a35"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/51fa66024a5eabf270164f2dc82a48ffb35a12e9"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/812da2a08dc5cc75fb71e29083ea20904510ac7a"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/ea82139e6e3561100d38d14401d57c0ea93fc07e"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/f1d95df0f31048f1c59092648997686e3f7d9478"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/f515112e833791001aaa8ab886af3ca78503617f"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}