CVE-2023-52605
Published: March 7, 2024Last modified: June 17, 2025
Description
In the Linux kernel, the following vulnerability has been resolved: ACPI: extlog: fix NULL pointer dereference check The gcc plugin -fanalyzer [1] tries to detect various patterns of incorrect behaviour. The tool reports: drivers/acpi/acpi_extlog.c: In function ‘extlog_exit’: drivers/acpi/acpi_extlog.c:307:12: warning: check of ‘extlog_l1_addr’ for NULL after already dereferencing it [-Wanalyzer-deref-before-check] | | 306 | ((struct extlog_l1_head *)extlog_l1_addr)->flags &= ~FLAG_OS_OPTIN; | | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~ | | | | | (1) pointer ‘extlog_l1_addr’ is dereferenced here | 307 | if (extlog_l1_addr) | | ~ | | | | | (2) pointer ‘extlog_l1_addr’ is checked for NULL here but it was already dereferenced at (1) | Fix the NULL pointer dereference check in extlog_exit().
Status
| Product | Release | Package | Status |
|---|---|---|---|
| Alpaquita Linux | 23 LTS | linux-lts | Fixed (6.1.81-r0) |
| Stream | linux-lts | Fixed (6.1.81-r0) |
References
- https://git.kernel.org/stable/c/33650372e3ead97c5ab3b84d9ad97737bc5e00c0
- https://git.kernel.org/stable/c/5457b0cbaa0238fc56b855c4ef2c0b9cc9c559ab
- https://git.kernel.org/stable/c/72d9b9747e78979510e9aafdd32eb99c7aa30dd1
- https://git.kernel.org/stable/c/77846571b3ba6a6125a20ad109bb8514ba884cf9
- https://git.kernel.org/stable/c/b17a71435e7e153e949df018244a98b4ede04069
- https://git.kernel.org/stable/c/b7b33627be0626b16ca321b982d6a2261ef7f703
- https://git.kernel.org/stable/c/d2049af7ddbc361702c3e1f09bd6c5e9488454ca
- https://git.kernel.org/stable/c/f066171de33d71ff0f7c46bd17636a5a26db3fb6