目標達成 すべての支援者に感謝 — 100%達成しました!

目標: 1000 CNY · 調達済み: 1000 CNY

100.0%
コーヒーを一杯おごる

CVE-2023-53182— Linux kernel 安全漏洞

EPSS 0.01% · P3
新しい脆弱性情報の通知を購読するログインして購読

I. CVE-2023-53182の基本情報

脆弱性情報
脆弱性についてご質問がありますか?Shenlongの分析が参考になるかご確認ください!
Shenlongの10の質問を表示 ↗

高度な大規模言語モデル技術を使用していますが、出力には不正確または古い情報が含まれる可能性があります。Shenlongはデータの正確性を確保するよう努めていますが、実際の状況に基づいて検証・判断してください。

脆弱性タイトル
ACPICA: Avoid undefined behavior: applying zero offset to null pointer
ソース: NVD (National Vulnerability Database)
脆弱性説明
In the Linux kernel, the following vulnerability has been resolved: ACPICA: Avoid undefined behavior: applying zero offset to null pointer ACPICA commit 770653e3ba67c30a629ca7d12e352d83c2541b1e Before this change we see the following UBSAN stack trace in Fuchsia: #0 0x000021e4213b3302 in acpi_ds_init_aml_walk(struct acpi_walk_state*, union acpi_parse_object*, struct acpi_namespace_node*, u8*, u32, struct acpi_evaluate_info*, u8) ../../third_party/acpica/source/components/dispatcher/dswstate.c:682 <platform-bus-x86.so>+0x233302 #1.2 0x000020d0f660777f in ubsan_get_stack_trace() compiler-rt/lib/ubsan/ubsan_diag.cpp:41 <libclang_rt.asan.so>+0x3d77f #1.1 0x000020d0f660777f in maybe_print_stack_trace() compiler-rt/lib/ubsan/ubsan_diag.cpp:51 <libclang_rt.asan.so>+0x3d77f #1 0x000020d0f660777f in ~scoped_report() compiler-rt/lib/ubsan/ubsan_diag.cpp:387 <libclang_rt.asan.so>+0x3d77f #2 0x000020d0f660b96d in handlepointer_overflow_impl() compiler-rt/lib/ubsan/ubsan_handlers.cpp:809 <libclang_rt.asan.so>+0x4196d #3 0x000020d0f660b50d in compiler-rt/lib/ubsan/ubsan_handlers.cpp:815 <libclang_rt.asan.so>+0x4150d #4 0x000021e4213b3302 in acpi_ds_init_aml_walk(struct acpi_walk_state*, union acpi_parse_object*, struct acpi_namespace_node*, u8*, u32, struct acpi_evaluate_info*, u8) ../../third_party/acpica/source/components/dispatcher/dswstate.c:682 <platform-bus-x86.so>+0x233302 #5 0x000021e4213e2369 in acpi_ds_call_control_method(struct acpi_thread_state*, struct acpi_walk_state*, union acpi_parse_object*) ../../third_party/acpica/source/components/dispatcher/dsmethod.c:605 <platform-bus-x86.so>+0x262369 #6 0x000021e421437fac in acpi_ps_parse_aml(struct acpi_walk_state*) ../../third_party/acpica/source/components/parser/psparse.c:550 <platform-bus-x86.so>+0x2b7fac #7 0x000021e4214464d2 in acpi_ps_execute_method(struct acpi_evaluate_info*) ../../third_party/acpica/source/components/parser/psxface.c:244 <platform-bus-x86.so>+0x2c64d2 #8 0x000021e4213aa052 in acpi_ns_evaluate(struct acpi_evaluate_info*) ../../third_party/acpica/source/components/namespace/nseval.c:250 <platform-bus-x86.so>+0x22a052 #9 0x000021e421413dd8 in acpi_ns_init_one_device(acpi_handle, u32, void*, void**) ../../third_party/acpica/source/components/namespace/nsinit.c:735 <platform-bus-x86.so>+0x293dd8 #10 0x000021e421429e98 in acpi_ns_walk_namespace(acpi_object_type, acpi_handle, u32, u32, acpi_walk_callback, acpi_walk_callback, void*, void**) ../../third_party/acpica/source/components/namespace/nswalk.c:298 <platform-bus-x86.so>+0x2a9e98 #11 0x000021e4214131ac in acpi_ns_initialize_devices(u32) ../../third_party/acpica/source/components/namespace/nsinit.c:268 <platform-bus-x86.so>+0x2931ac #12 0x000021e42147c40d in acpi_initialize_objects(u32) ../../third_party/acpica/source/components/utilities/utxfinit.c:304 <platform-bus-x86.so>+0x2fc40d #13 0x000021e42126d603 in acpi::acpi_impl::initialize_acpi(acpi::acpi_impl*) ../../src/devices/board/lib/acpi/acpi-impl.cc:224 <platform-bus-x86.so>+0xed603 Add a simple check that avoids incrementing a pointer by zero, but otherwise behaves as before. Note that our findings are against ACPICA 20221020, but the same code exists on master.
ソース: NVD (National Vulnerability Database)
CVSS情報
N/A
ソース: NVD (National Vulnerability Database)
脆弱性タイプ
N/A
ソース: NVD (National Vulnerability Database)
脆弱性タイトル
Linux kernel 安全漏洞
ソース: CNNVD (China National Vulnerability Database)
脆弱性説明
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于未正确处理零偏移空指针,可能导致空指针取消引用。
ソース: CNNVD (China National Vulnerability Database)
CVSS情報
N/A
ソース: CNNVD (China National Vulnerability Database)
脆弱性タイプ
N/A
ソース: CNNVD (China National Vulnerability Database)

影響を受ける製品

ベンダープロダクト影響を受けるバージョンCPE購読
LinuxLinux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 ~ 5a2d0dcb47b16f84880a59571eab8a004e3236d7 -
LinuxLinux 2.6.12 -

II. CVE-2023-53182の公開POC

#POC説明ソースリンクShenlongリンク
AI生成POCプレミアム

公開POCは見つかりませんでした。

ログインしてAI POCを生成

III. CVE-2023-53182のインテリジェンス情報

登录查看更多情报信息。

Same Patch Batch · Linux · 2025-09-15 · 210 CVEs total

CVE-2022-50293btrfs: do not BUG_ON() on ENOMEM when dropping extent items for a range
CVE-2023-53232mt76: mt7921: fix kernel panic by accessing unallocated eeprom.data
CVE-2023-53233net/smc: fix deadlock triggered by cancel_delayed_work_syn()
CVE-2023-53234watchdog: Fix kmemleak in watchdog_cdev_register
CVE-2023-53235drm/tests: helpers: Avoid a driver uaf
CVE-2023-53236iommufd: Do not corrupt the pfn list when doing batch carry
CVE-2023-53237drm/amdgpu: fix amdgpu_irq_put call trace in gmc_v11_0_hw_fini
CVE-2023-53238phy: hisilicon: Fix an out of bounds check in hisi_inno_phy_probe()
CVE-2023-53239drm/msm/mdp5: Add check for kzalloc
CVE-2023-53240xsk: check IFF_UP earlier in Tx path
CVE-2023-53241nfsd: call op_release, even when op_func returns an error
CVE-2023-53242thermal/drivers/hisi: Drop second sensor hi3660
CVE-2022-50291kcm: annotate data-races around kcm->rx_psock
CVE-2022-50292drm/msm/dp: fix bridge lifetime
CVE-2022-50303drm/amdkfd: Fix double release compute pasid
CVE-2022-50300btrfs: fix extent map use-after-free when handling missing device in read_one_chunk
CVE-2022-50301iommu/omap: Fix buffer overflow in debugfs
CVE-2022-50302lockd: set other missing fields when unlocking files
CVE-2022-50299md: Replace snprintf with scnprintf
CVE-2022-50304mtd: core: fix possible resource leak in init_mtd()

Showing 20 of 210 CVEs. View all on vendor page →

IV. 関連脆弱性

同じ製品: Linux
同じベンダー: Linux

V. CVE-2023-53182へのコメント

まだコメントはありません

コメントを残す