CVE-2023-53292
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-09-16
Last updated on: 2025-12-02
Assigner: kernel.org
Description
Description
In the Linux kernel, the following vulnerability has been resolved:
blk-mq: fix NULL dereference on q->elevator in blk_mq_elv_switch_none
After grabbing q->sysfs_lock, q->elevator may become NULL because of
elevator switch.
Fix the NULL dereference on q->elevator by checking it with lock.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | to 6.4.7 (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-476 | The product dereferences a pointer that it expects to be valid but is NULL. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a NULL pointer dereference in the Linux kernel's block multi-queue (blk-mq) subsystem. Specifically, after acquiring a lock (q->sysfs_lock), the pointer q->elevator may become NULL due to an elevator switch, which was not properly checked before use. This could lead to a kernel crash or instability.
How can this vulnerability impact me? :
This vulnerability can cause the Linux kernel to crash or become unstable due to a NULL pointer dereference, potentially leading to denial of service or system downtime.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70