CVE-2023-52853

MEDIUM

Linux Kernel 4.10-4.19.298 - NULL Pointer Dereference in HID cp2112 Workqueue Initialization

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: hid: cp2112: Fix duplicate workqueue initialization Previously the cp2112 driver called INIT_DELAYED_WORK within cp2112_gpio_irq_startup, resulting in duplicate initilizations of the workqueue on subsequent IRQ startups following an initial request. This resulted in a warning in set_work_data in workqueue.c, as well as a rare NULL dereference within process_one_work in workqueue.c. Initialize the workqueue within _probe instead.

References (8)

Core 8

Core References

Patch

https://git.kernel.org/stable/c/df0daac2709473531d6a3472997cc65301ac06d6

Patch

https://git.kernel.org/stable/c/727203e6e7e7020e1246fc1628cbdb8d90177819

Patch

https://git.kernel.org/stable/c/3d959406c8fff2334d83d0c352d54fd6f5b2e7cd

Patch

https://git.kernel.org/stable/c/012d0c66f9392a99232ac28217229f32dd3a70cf

Patch

https://git.kernel.org/stable/c/bafb12b629b7c3ad59812dd1ac1b0618062e0e38

Patch

https://git.kernel.org/stable/c/fb5718bc67337dde1528661f419ffcf275757592

Patch

https://git.kernel.org/stable/c/eb1121fac7986b30915ba20c5a04cc01fdcf160c

Patch

https://git.kernel.org/stable/c/e3c2d2d144c082dd71596953193adf9891491f42

Scores

CVSS v3 5.5

EPSS 0.0024

EPSS Percentile 15.0%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-476

Status published

Products (19)

Linux/Linux < 4.10

Linux/Linux 13de9cca514ed63604263cad87ca8cb36e9b6489 - 012d0c66f9392a99232ac28217229f32dd3a70cf

Linux/Linux 13de9cca514ed63604263cad87ca8cb36e9b6489 - 3d959406c8fff2334d83d0c352d54fd6f5b2e7cd

Linux/Linux 13de9cca514ed63604263cad87ca8cb36e9b6489 - 727203e6e7e7020e1246fc1628cbdb8d90177819

Linux/Linux 13de9cca514ed63604263cad87ca8cb36e9b6489 - bafb12b629b7c3ad59812dd1ac1b0618062e0e38

Linux/Linux 13de9cca514ed63604263cad87ca8cb36e9b6489 - df0daac2709473531d6a3472997cc65301ac06d6

Linux/Linux 13de9cca514ed63604263cad87ca8cb36e9b6489 - e3c2d2d144c082dd71596953193adf9891491f42

Linux/Linux 13de9cca514ed63604263cad87ca8cb36e9b6489 - eb1121fac7986b30915ba20c5a04cc01fdcf160c

Linux/Linux 13de9cca514ed63604263cad87ca8cb36e9b6489 - fb5718bc67337dde1528661f419ffcf275757592

Linux/Linux 4.10

... and 9 more

Published May 21, 2024

Tracked Since Feb 18, 2026