CVE-2023-53044

MEDIUM

Linux Kernel - NULL Pointer Dereference in dm_stats_cleanup

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: dm stats: check for and propagate alloc_percpu failure Check alloc_precpu()'s return value and return an error from dm_stats_init() if it fails. Update alloc_dev() to fail if dm_stats_init() does. Otherwise, a NULL pointer dereference will occur in dm_stats_cleanup() even if dm-stats isn't being actively used.

References (8)

Core 8

Core References

Patch

https://git.kernel.org/stable/c/2287d7b721471a3d58bcd829250336e3cdf1635e

Patch

https://git.kernel.org/stable/c/0d96bd507ed7e7d565b6d53ebd3874686f123b2e

Patch

https://git.kernel.org/stable/c/4a32a9a818a895671bd43e0c40351e60e4e9140b

Patch

https://git.kernel.org/stable/c/c68f08cc745675a17894e1b4a5b5b9700ace6da4

Patch

https://git.kernel.org/stable/c/443c9d522397511a4328dc2ec3c9c63c73049756

Patch

https://git.kernel.org/stable/c/a42180dd361584816bfe15c137b665699b994d90

Patch

https://git.kernel.org/stable/c/5b66e36a3efd24041b7374432bfa4dec2ff01e95

Patch

https://git.kernel.org/stable/c/d3aa3e060c4a80827eb801fc448debc9daa7c46b

Scores

CVSS v3 5.5

EPSS 0.0016

EPSS Percentile 5.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-476

Status published

Products (20)

Linux/Linux < 3.12

Linux/Linux 3.12

Linux/Linux 4.14.312 - 4.14.*

Linux/Linux 4.19.280 - 4.19.*

Linux/Linux 5.10.177 - 5.10.*

Linux/Linux 5.15.105 - 5.15.*

Linux/Linux 5.4.240 - 5.4.*

Linux/Linux 6.1.22 - 6.1.*

Linux/Linux 6.2.9 - 6.2.*

Linux/Linux 6.3

... and 10 more

Published May 02, 2025

Tracked Since Feb 18, 2026