Null Pointer Dereference in Linux Kernel Affects Multiple Distributions
CVE-2023-53664

Currently unrated

Key Information:

Vendor: Linux

Status: Vendor

CVE Published: 7 October 2025

What is CVE-2023-53664?

A vulnerability in the Linux kernel's dev_pm_opp_get_required_pstate() function can cause a NULL pointer dereference. The 'opp' pointer is dereferenced before it has been checked for NULL or an error status, which can lead to system instability or crashes. The fix corrects the dereference logic by accessing the opp_table directly.
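The dereference-before-check pattern described above, shown beside a corrected form, as an added example that is not the kernel's own code. It is a simplified userspace model: the struct layouts, the `required_pstate` array, the function names, the return value of 0 on invalid input and the stand-in `ERR_PTR`/`IS_ERR_OR_NULL` macros are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Userspace stand-ins (assumed, simplified) for kernel types and ERR_PTR helpers. */
#define MAX_ERRNO 4095
#define ERR_PTR(e) ((void *)(intptr_t)(e))
#define IS_ERR_OR_NULL(p) (!(p) || (uintptr_t)(p) >= (uintptr_t)-MAX_ERRNO)

struct opp_table { unsigned int required_opp_count; };
struct opp {
    struct opp_table *opp_table;
    int available;
    unsigned int required_pstate[4];   /* constructed sample data */
};

/* Flawed pattern: 'opp' is dereferenced in the initializer, before the
 * NULL/error check below has a chance to reject it. */
unsigned int get_required_pstate_flawed(struct opp *opp, unsigned int index)
{
    struct opp_table *table = opp->opp_table;   /* dereference happens here */

    if (IS_ERR_OR_NULL(opp) || !opp->available ||
        index >= table->required_opp_count)
        return 0;
    return opp->required_pstate[index];
}

/* Corrected pattern: no early dereference; opp_table is reached through
 * 'opp' only after the short-circuit check has validated the pointer. */
unsigned int get_required_pstate_checked(struct opp *opp, unsigned int index)
{
    if (IS_ERR_OR_NULL(opp) || !opp->available ||
        index >= opp->opp_table->required_opp_count)
        return 0;
    return opp->required_pstate[index];
}

int main(void)
{
    struct opp_table table = { .required_opp_count = 2 };
    struct opp good = { &table, 1, { 3, 7, 0, 0 } };

    printf("valid:   %u\n", get_required_pstate_checked(&good, 1));
    printf("NULL:    %u\n", get_required_pstate_checked(NULL, 0));
    printf("ERR_PTR: %u\n", get_required_pstate_checked(ERR_PTR(-22), 0));
    return 0;
}
```

Because the early dereference is undefined behaviour in C, a compiler may also assume the pointer is valid and drop the later check, so moving the dereference behind the check is the fix rather than adding a second check.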

Affected Version(s)

Linux 84cb7ff35fcf7c0b552f553a3f2db9c3e92fc707 < 25130b27e0352acb83e91c467853eb9afad3b644

Linux 84cb7ff35fcf7c0b552f553a3f2db9c3e92fc707 < 7ddd8deb1c3c0363a7e14fafb5df26e2089a69a5

Linux 6.5

Timeline

  • Vulnerability published

  • Vulnerability Reserved
