CVE-2023-52938

MEDIUM

Linux Kernel 6.0.15-6.1.10 - NULL Pointer Dereference in UCSI Type-C Port Resume

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Don't attempt to resume the ports before they exist This will fix null pointer dereference that was caused by the driver attempting to resume ports that were not yet registered.

References (2)

Core 2

Core References

Patch

https://git.kernel.org/stable/c/fdd11d7136fd070b3a74d6d8799d9eac28a57fc5

Patch

https://git.kernel.org/stable/c/f82060da749c611ed427523b6d1605d87338aac1

Scores

CVSS v3 5.5

EPSS 0.0018

EPSS Percentile 8.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-476

Status published

Products (6)

Linux/Linux 160416b397c362e37b590040a089604dd1f37de1

Linux/Linux 6.0.15 - 6.1

Linux/Linux 6.1.1 - 6.1.11

Linux/Linux 9222912924fcf56e2d166a503eddbdb5ffd2005f - fdd11d7136fd070b3a74d6d8799d9eac28a57fc5

Linux/Linux e0dced9c7d4763fd97c86a13902d135f03cc42eb - f82060da749c611ed427523b6d1605d87338aac1

linux/linux_kernel 6.0.15 - 6.1

Published Mar 27, 2025

Tracked Since Feb 18, 2026