CVE-2023-53480

MEDIUM EPSS 4.2%
Published Oct 1, 20259mo ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Oct 1, 2025 9mo ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: kobject: Add sanity check for kset->kobj.ktype in kset_register() When I register a kset in the following way: static struct kset my_kset; kobject_set_name(&my_kset.kobj, "my_kset"); ret = kset_register(&my_kset); A null pointer dereference exception is occurred: [ 4453.568337] Unable to handle kernel NULL pointer dereference at \ virtual address 0000000000000028 ... ... [ 4453.810361] Call trace: [ 4453.813062] kobject_get_ownership+0xc/0x34 [ 4453.817493] kobject_add_internal+0x98/0x274 [ 4453.822005] kset_register+0x5c/0xb4 [ 4453.825820] my_kobj_init+0x44/0x1000 [my_kset] ... ... Because I didn't initialize my_kset.kobj.ktype. According to the description in Documentation/core-api/kobject.rst: - A ktype is the type of object that embeds a kobject. Every structure that embeds a kobject needs a corresponding ktype. So add sanity check to make sure kset->kobj.ktype is not NULL.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
4.2% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-476 NULL Pointer Dereference Memory Safety

Affected Products 6

VendorProductVersionRange
linuxlinux_kernel*≥4.19  –  <4.19.295
linuxlinux_kernel*≥4.20  –  <5.4.257
linuxlinux_kernel*≥5.5  –  <5.10.197
linuxlinux_kernel*≥5.11  –  <5.15.133
linuxlinux_kernel*≥5.16  –  <6.1.55
linuxlinux_kernel*≥6.2  –  <6.5.5

References 7

  • git.kernel.org https://git.kernel.org/stable/c/039ec9db2d30032eafa365f5f89b30eca5322b05
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/1a772881bc059c596d8ca587cbd2a233edce3d3b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/48aebbe801e78a8932404c122ed0e880ccedc220
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4d0fe8c52bb3029d83e323c961221156ab98680b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5df5829158513134ddcaf2184d9286eda7b0bb18
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/964e025ceefdf75da46b0133d0c2790de451aeec
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f3f6bf22a4f5ba649cf26ae4670de5c7f861bdef
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/039ec9db2d30032eafa365f5f89b30eca5322b05
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/1a772881bc059c596d8ca587cbd2a233edce3d3b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/48aebbe801e78a8932404c122ed0e880ccedc220
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4d0fe8c52bb3029d83e323c961221156ab98680b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5df5829158513134ddcaf2184d9286eda7b0bb18
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/964e025ceefdf75da46b0133d0c2790de451aeec
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f3f6bf22a4f5ba649cf26ae4670de5c7f861bdef
    Patch