CVE-2023-53244

MEDIUM EPSS 3.3%
Published Sep 15, 20259mo ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Sep 15, 2025 9mo ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: media: pci: tw68: Fix null-ptr-deref bug in buf prepare and finish When the driver calls tw68_risc_buffer() to prepare the buffer, the function call dma_alloc_coherent may fail, resulting in a empty buffer buf->cpu. Later when we free the buffer or access the buffer, null ptr deref is triggered. This bug is similar to the following one: https://git.linuxtv.org/media_stage.git/commit/?id=2b064d91440b33fba5b452f2d1b31f13ae911d71. We believe the bug can be also dynamically triggered from user side. Similarly, we fix this by checking the return value of tw68_risc_buffer() and the value of buf->cpu before buffer free.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
3.3% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-476 NULL Pointer Dereference Memory Safety

Affected Products 3

VendorProductVersionRange
linuxlinux_kernel* <5.15.113
linuxlinux_kernel*≥5.16  –  <6.1.30
linuxlinux_kernel*≥6.2  –  <6.3.4

References 4

  • git.kernel.org https://git.kernel.org/stable/c/1634b7adcc5bef645b3666fdd564e5952a9e24e0
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/3715c5e9a8f96b6ed0dcbea06da443efccac1ecc
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/3c67f49a6643d973e83968ea35806c7b5ae68b56
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/dcf632bca424e6ff8c8eb89c96694e7f05cd29b6
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/1634b7adcc5bef645b3666fdd564e5952a9e24e0
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/3715c5e9a8f96b6ed0dcbea06da443efccac1ecc
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/3c67f49a6643d973e83968ea35806c7b5ae68b56
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/dcf632bca424e6ff8c8eb89c96694e7f05cd29b6
    Patch