CVE-2023-53472

MEDIUM EPSS 4.2%
Published Oct 1, 20259mo ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Oct 1, 2025 9mo ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: pwm: lpc32xx: Remove handling of PWM channels Because LPC32xx PWM controllers have only a single output which is registered as the only PWM device/channel per controller, it is known in advance that pwm->hwpwm value is always 0. On basis of this fact simplify the code by removing operations with pwm->hwpwm, there is no controls which require channel number as input. Even though I wasn't aware at the time when I forward ported that patch, this fixes a null pointer dereference as lpc32xx->chip.pwms is NULL before devm_pwmchip_add() is called.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
4.2% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-476 NULL Pointer Dereference Memory Safety

Affected Products 8

VendorProductVersionRange
linuxlinux_kernel*≥4.9.284  –  <4.10
linuxlinux_kernel*≥4.14.248  –  <4.14.326
linuxlinux_kernel*≥4.19.208  –  <4.19.295
linuxlinux_kernel*≥5.4.149  –  <5.4.257
linuxlinux_kernel*≥5.10.69  –  <5.10.195
linuxlinux_kernel*≥5.14.8  –  <5.15.132
linuxlinux_kernel*≥5.16  –  <6.1.54
linuxlinux_kernel*≥6.2  –  <6.5.4

References 8

  • git.kernel.org https://git.kernel.org/stable/c/04301da4d87067a989f70ee56942bf9d97cd2a45
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4aae44f65827f0213a7361cf9c32cfe06114473f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/523f6268e86552a048975749251184c4e9a4b38f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5e22217c11424ef958ba28d03ff7167b4d7a8914
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a2d9d884e84bfd37892219b1f55847f36d8e9901
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a9a505f5b39d8fff1a55963a5e524c84639e98b2
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/abd9b2ee4047ccd980decbf26d61f9637604b1d5
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e3a0ddbaf7f1f9ffc070718b417461ced3268758
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/04301da4d87067a989f70ee56942bf9d97cd2a45
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4aae44f65827f0213a7361cf9c32cfe06114473f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/523f6268e86552a048975749251184c4e9a4b38f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5e22217c11424ef958ba28d03ff7167b4d7a8914
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a2d9d884e84bfd37892219b1f55847f36d8e9901
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a9a505f5b39d8fff1a55963a5e524c84639e98b2
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/abd9b2ee4047ccd980decbf26d61f9637604b1d5
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e3a0ddbaf7f1f9ffc070718b417461ced3268758
    Patch