CVE-2023-53561— net: wwan: iosm: fix NULL pointer dereference when removing device
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2023-53561
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
net: wwan: iosm: fix NULL pointer dereference when removing device
Source: NVD (National Vulnerability Database)
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: net: wwan: iosm: fix NULL pointer dereference when removing device In suspend and resume cycle, the removal and rescan of device ends up in NULL pointer dereference. During driver initialization, if the ipc_imem_wwan_channel_init() fails to get the valid device capabilities it returns an error and further no resource (wwan struct) will be allocated. Now in this situation if driver removal procedure is initiated it would result in NULL pointer exception since unallocated wwan struct is dereferenced inside ipc_wwan_deinit(). ipc_imem_run_state_worker() to handle the called functions return value and to release the resource in failure case. It also reports the link down event in failure cases. The user space application can handle this event to do a device reset for restoring the device communication.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于未处理ipc_imem_wwan_channel_init失败情况,可能导致空指针取消引用。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2023-53561
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2023-53561
请登录查看更多情报信息。
Same Patch Batch · Linux · 2025-10-04 · 144 CVEs total
| CVE-2025-39946 | 9.8 CRITICAL | tls: make sure to abort the stream if headers are bogus |
| CVE-2022-50491 | coresight: cti: Fix hang in cti_disable_hw() | |
| CVE-2023-53581 | net/mlx5e: Check for NOT_READY flag state after locking | |
| CVE-2023-53580 | USB: Gadget: core: Help prevent panic during UVC unconfigure | |
| CVE-2022-50507 | fs/ntfs3: Validate data run offset | |
| CVE-2022-50508 | wifi: mt76: mt76x0: fix oob access in mt76x0_phy_get_target_power | |
| CVE-2022-50506 | drbd: only clone bio if we have a backing device | |
| CVE-2022-50504 | powerpc/rtas: avoid scheduling in rtas_os_term() | |
| CVE-2022-50505 | iommu/amd: Fix pci device refcount leak in ppr_notifier() | |
| CVE-2022-50503 | mtd: lpddr2_nvm: Fix possible null-ptr-deref | |
| CVE-2022-50501 | media: coda: Add check for dcoda_iram_alloc | |
| CVE-2022-50500 | netdevsim: fix memory leak in nsim_drv_probe() when nsim_dev_resources_register() failed | |
| CVE-2022-50499 | media: dvb-core: Fix double free in dvb_register_device() | |
| CVE-2022-50497 | binfmt_misc: fix shift-out-of-bounds in check_special_flags | |
| CVE-2022-50498 | eth: alx: take rtnl_lock on resume | |
| CVE-2022-50496 | dm cache: Fix UAF in destroy() | |
| CVE-2022-50494 | thermal: intel_powerclamp: Use get_cpu() instead of smp_processor_id() to avoid crash | |
| CVE-2022-50493 | scsi: qla2xxx: Fix crash when I/O abort times out | |
| CVE-2022-50492 | drm/msm: fix use-after-free on probe deferral | |
| CVE-2023-53572 | clk: imx: scu: use _safe list iterator to avoid a use after free |
Showing top 20 of 144 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same product: Linux
- CVE-2026-43500
rxrpc: Also unshare DATA/RESPONSE packets when paged frags a - CVE-2026-43475
scsi: storvsc: Fix scheduling while atomic on PREEMPT_RT - CVE-2026-43474
fs: init flags_valid before calling vfs_fileattr_get - CVE-2026-43473
scsi: mpi3mr: Add NULL checks when resetting request and rep - CVE-2026-43472
unshare: fix unshare_fs() handling
Same vendor: Linux
- CVE-2026-43500
rxrpc: Also unshare DATA/RESPONSE packets when paged frags a - CVE-2026-43475
scsi: storvsc: Fix scheduling while atomic on PREEMPT_RT - CVE-2026-43474
fs: init flags_valid before calling vfs_fileattr_get - CVE-2026-43473
scsi: mpi3mr: Add NULL checks when resetting request and rep - CVE-2026-43472
unshare: fix unshare_fs() handling
V. Comments for CVE-2023-53561
No comments yet