CVE-2023-53206
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-09-15
Last updated on: 2025-12-04
Assigner: kernel.org
Description
Description
In the Linux kernel, the following vulnerability has been resolved:
hwmon: (pmbus_core) Fix NULL pointer dereference
Pass i2c_client to _pmbus_is_enabled to drop the assumption
that a regulator device is passed in.
This will fix the issue of a NULL pointer dereference when called from
_pmbus_get_flags.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | From 6.4 (inc) to 6.4.8 (exc) |
| linux | linux_kernel | 6.5 |
| linux | linux_kernel | 6.5 |
| linux | linux_kernel | 6.5 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-476 | The product dereferences a pointer that it expects to be valid but is NULL. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a NULL pointer dereference in the Linux kernel's hwmon subsystem, specifically in the pmbus_core component. It occurs because the code incorrectly assumes that a regulator device is passed to the function _pmbus_is_enabled, but sometimes a NULL pointer is passed instead, leading to a crash when _pmbus_get_flags calls it.
How can this vulnerability impact me? :
This vulnerability can cause the Linux kernel to crash or become unstable due to a NULL pointer dereference, potentially leading to denial of service or system instability.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70