Bug 1225104 (CVE-2023-52783) - VUL-0: CVE-2023-52783: kernel: net: wangxun: fix kernel panic due to null pointer
Summary: VUL-0: CVE-2023-52783: kernel: net: wangxun: fix kernel panic due to null poi...
Status: RESOLVED FIXED
Alias: CVE-2023-52783
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P3 - Medium : Normal
Target Milestone: ---
Assignee: Security Team bot
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/406858/
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2024-05-23 09:47 UTC by SMASH SMASH
Modified: 2024-07-08 15:03 UTC (History)
2 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description SMASH SMASH 2024-05-23 09:47:26 UTC 
In the Linux kernel, the following vulnerability has been resolved:

net: wangxun: fix kernel panic due to null pointer

When the device uses a custom subsystem vendor ID, the function
wx_sw_init() returns before the memory of 'wx->mac_table' is allocated.
The null pointer will causes the kernel panic.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-52783
https://git.kernel.org/pub/scm/linux/security/vulns.git/plain/cve/published/2023/CVE-2023-52783.mbox
https://git.kernel.org/stable/c/61a55071653974dab172d4c5d699bb365cfd13c9
https://git.kernel.org/stable/c/8ba2c459668cfe2aaacc5ebcd35b4b9ef8643013
https://www.cve.org/CVERecord?id=CVE-2023-52783
Comment 1 Gabriel Krisman Bertazi 2024-05-23 18:09:46 UTC 
The issue was introduced in 6.3 and fixed in 6.7. We are just pending references update for SP6 which will be done as part of mass update. Reassiging to security team.
Comment 2 Andrea Mattiazzo 2024-05-29 12:25:05 UTC 
All done, closing.