Null Pointer Dereference Vulnerability in Linux Kernel’s TW68 Driver
CVE-2023-53244

5.5MEDIUM

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
15 September 2025

What is CVE-2023-53244?

A vulnerability exists within the Linux Kernel’s TW68 driver that can lead to a null pointer dereference. When the driver invokes the tw68_risc_buffer() function to prepare a buffer, it may encounter failure during dma_alloc_coherent, leaving the buffer's CPU field empty. This situation can trigger a null pointer dereference upon subsequent buffer access or deallocation. The vulnerability may be exploited dynamically from a user-side context. It has been addressed by implementing checks on the return value of tw68_risc_buffer() and validating buf->cpu before freeing the buffer, thereby enhancing the driver’s reliability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux e15d1c12c5878b3a80d6573af1721e17264e0286

Linux e15d1c12c5878b3a80d6573af1721e17264e0286 < 3c67f49a6643d973e83968ea35806c7b5ae68b56

Linux e15d1c12c5878b3a80d6573af1721e17264e0286 < 3715c5e9a8f96b6ed0dcbea06da443efccac1ecc

References

https://git.kernel.org/stable/c/dcf632bca424e6ff8c8eb89c9...
https://git.kernel.org/stable/c/3c67f49a6643d973e83968ea3...
https://git.kernel.org/stable/c/3715c5e9a8f96b6ed0dcbea06...

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.