CVE-2023-53250
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-15

Last updated on: 2025-12-03

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: firmware: dmi-sysfs: Fix null-ptr-deref in dmi_sysfs_register_handle KASAN reported a null-ptr-deref error: KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f] CPU: 0 PID: 1373 Comm: modprobe Hardware name: QEMU Standard PC (i440FX + PIIX, 1996) RIP: 0010:dmi_sysfs_entry_release ... Call Trace: <TASK> kobject_put dmi_sysfs_register_handle (drivers/firmware/dmi-sysfs.c:540) dmi_sysfs dmi_decode_table (drivers/firmware/dmi_scan.c:133) dmi_walk (drivers/firmware/dmi_scan.c:1115) dmi_sysfs_init (drivers/firmware/dmi-sysfs.c:149) dmi_sysfs do_one_initcall (init/main.c:1296) ... Kernel panic - not syncing: Fatal exception Kernel Offset: 0x4000000 from 0xffffffff81000000 ---[ end Kernel panic - not syncing: Fatal exception ]--- It is because previous patch added kobject_put() to release the memory which will call dmi_sysfs_entry_release() and list_del(). However, list_add_tail(entry->list) is called after the error block, so the list_head is uninitialized and cannot be deleted. Move error handling to after list_add_tail to fix this.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-15
Last Modified
2025-12-03
Generated
2026-05-07
AI Q&A
2025-09-15
EPSS Evaluated
2026-05-05
NVD
CVE-2023-53250
Affected Vendors & Products
Showing 9 associated CPEs
Vendor Product Version / Range
linux linux_kernel From 4.9.318 (inc) to 4.10 (exc)
linux linux_kernel From 4.14.283 (inc) to 4.15 (exc)
linux linux_kernel From 4.19.247 (inc) to 4.20 (exc)
linux linux_kernel From 5.4.198 (inc) to 5.5 (exc)
linux linux_kernel From 5.10.122 (inc) to 5.11 (exc)
linux linux_kernel From 5.15.47 (inc) to 5.15.99 (exc)
linux linux_kernel From 5.17.15 (inc) to 5.18 (exc)
linux linux_kernel From 5.18.4 (inc) to 6.1.16 (exc)
linux linux_kernel From 6.2 (inc) to 6.2.3 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-476 The product dereferences a pointer that it expects to be valid but is NULL.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is a null pointer dereference in the Linux kernel's firmware dmi-sysfs component. It occurs because an error handling sequence calls kobject_put(), which triggers dmi_sysfs_entry_release() and attempts to delete an uninitialized list entry. The list_add_tail() call that initializes the list entry happens after the error handling, causing the kernel to dereference a null pointer and leading to a kernel panic.


How can this vulnerability impact me? :

This vulnerability can cause a kernel panic, which results in a system crash and loss of availability. This can disrupt normal operations, cause downtime, and potentially lead to data loss or system instability.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart