Null Pointer Dereference Vulnerability in Linux Kernel Affecting Trace Events
CVE-2023-53005

5.5 MEDIUM

Key Information:

Vendor: Linux

CVE Published: 27 March 2025

What is CVE-2023-53005?

A vulnerability in the Linux kernel's handling of trace events may lead to a NULL pointer dereference. The 'create_hist_field' function is called recursively, and the recursive call can return NULL; when that return value is used without a check, the NULL pointer is dereferenced. To mitigate this risk, the return value of 'create_hist_field' must be checked before it is used, which preserves system stability and security. The issue underlines the importance of thorough validation in kernel development to prevent crashes and maintain system integrity.
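The following user-space model of the pattern described above is an added illustration, not the kernel's code or the upstream patch. The names `struct field`, `make_field`, `alloc_field`, `fail_at` and `live_allocs` are hypothetical, and the allocation failure is injected artificially to exercise the NULL path.

```c
#include <stdlib.h>
/* Hypothetical user-space model; not the kernel's own structures. */
struct field {
    struct field *operand;   /* nested field built by the recursive call */
    unsigned int size;
};
static int live_allocs;      /* outstanding allocations, to spot leaks */
static int fail_at = -1;     /* constructed fault injection: failing depth */

static struct field *alloc_field(int depth)
{
    struct field *f = (depth == fail_at) ? NULL : calloc(1, sizeof(*f));
    if (f)
        live_allocs++;
    return f;
}

static void free_field(struct field *f)
{
    if (!f)
        return;
    free_field(f->operand);
    free(f);
    live_allocs--;
}

/* Builds `depth` nested operands; returns NULL if any level fails. */
static struct field *make_field(int depth)
{
    struct field *f = alloc_field(depth);
    if (!f)
        return NULL;
    if (depth > 0) {
        f->operand = make_field(depth - 1);
        /* Without this check, f->operand->size below dereferences NULL. */
        if (!f->operand) {
            free_field(f);   /* release the partially built field */
            return NULL;     /* propagate the failure to the caller */
        }
    }
    f->size = f->operand ? f->operand->size : 8;
    return f;
}

int main(void)
{
    fail_at = 1;             /* make an inner allocation fail */
    return (make_field(3) == NULL && live_allocs == 0) ? 0 : 1;
}
```

Each level of the recursion both checks the nested result and frees what it had already built, so a failure deep in the chain surfaces as a clean NULL at the top with no leaked allocations.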

Affected Version(s)

Linux 30350d65ac5676c6d08d4fc935bc9a9cb0fd4ed3

Linux 30350d65ac5676c6d08d4fc935bc9a9cb0fd4ed3 < 31b2414abeaa6de0490e85164badc6dcb1bb8ec9

Linux 30350d65ac5676c6d08d4fc935bc9a9cb0fd4ed3 < 886aa449235f478e262bbd5dcdee6ed6bc202949

CVSS V3.1

Score: 5.5
Severity: MEDIUM
Confidentiality: None
Integrity: None
Availability: None
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
