CVE-2023-53220
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-15

Last updated on: 2025-12-03

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: media: az6007: Fix null-ptr-deref in az6007_i2c_xfer() In az6007_i2c_xfer, msg is controlled by user. When msg[i].buf is null and msg[i].len is zero, former checks on msg[i].buf would be passed. Malicious data finally reach az6007_i2c_xfer. If accessing msg[i].buf[0] without sanity check, null ptr deref would happen. We add check on msg[i].len to prevent crash. Similar commit: commit 0ed554fd769a ("media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()")
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-15
Last Modified
2025-12-03
Generated
2026-05-07
AI Q&A
2025-09-15
EPSS Evaluated
2026-05-05
NVD
CVE-2023-53220
Affected Vendors & Products
Showing 7 associated CPEs
Vendor Product Version / Range
linux linux_kernel to 4.14.326 (exc)
linux linux_kernel From 4.15 (inc) to 4.19.295 (exc)
linux linux_kernel From 4.20 (inc) to 5.4.257 (exc)
linux linux_kernel From 5.5 (inc) to 5.10.197 (exc)
linux linux_kernel From 5.11 (inc) to 5.15.133 (exc)
linux linux_kernel From 5.16 (inc) to 6.1.55 (exc)
linux linux_kernel From 6.2 (inc) to 6.5.5 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-476 The product dereferences a pointer that it expects to be valid but is NULL.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is a null pointer dereference in the Linux kernel's az6007 driver, specifically in the az6007_i2c_xfer function. The issue occurs because the function processes a message (msg) controlled by the user. If msg[i].buf is null and msg[i].len is zero, previous checks on msg[i].buf are bypassed, leading to a situation where the function accesses msg[i].buf[0] without verifying if msg[i].buf is valid. This causes a null pointer dereference, potentially crashing the system. The fix involves adding a check on msg[i].len to prevent this crash.


How can this vulnerability impact me? :

This vulnerability can cause a system crash due to a null pointer dereference when processing specially crafted messages in the az6007 driver. An attacker controlling the input to az6007_i2c_xfer could exploit this to cause a denial of service by crashing the kernel.


What immediate steps should I take to mitigate this vulnerability?

To mitigate this vulnerability, update the Linux kernel to a version that includes the fix for the null pointer dereference in az6007_i2c_xfer. The fix adds a check on msg[i].len to prevent the crash caused by null pointer dereference. Applying the latest kernel patches or updates from your Linux distribution is recommended.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart