vulnerability

Ubuntu: (Multiple Advisories) (CVE-2023-52449): Linux kernel (OEM) vulnerabilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:L/AC:L/Au:S/C:N/I:N/A:C)	Feb 22, 2024	Mar 12, 2024	Aug 18, 2025

Severity

CVSS

(AV:L/AC:L/Au:S/C:N/I:N/A:C)

Published

Feb 22, 2024

Added

Mar 12, 2024

Modified

Aug 18, 2025

Description

In the Linux kernel, the following vulnerability has been resolved:

mtd: Fix gluebi NULL pointer dereference caused by ftl notifier

If both ftl.ko and gluebi.ko are loaded, the notifier of ftl
triggers NULL pointer dereference when trying to access
‘gluebi->desc’ in gluebi_read().

ubi_gluebi_init
ubi_register_volume_notifier
ubi_enumerate_volumes
ubi_notify_all
gluebi_notify nb->notifier_call()
gluebi_create
mtd_device_register
mtd_device_parse_register
add_mtd_device
blktrans_notify_add not->add()
ftl_add_mtd tr->add_mtd()
scan_header
mtd_read
mtd_read_oob
mtd_read_oob_std
gluebi_read mtd->read()
gluebi->desc - NULL

Detailed reproduction information available at the Link [1],

In the normal case, obtain gluebi->desc in the gluebi_get_device(),
and access gluebi->desc in the gluebi_read(). However,
gluebi_get_device() is not executed in advance in the
ftl_add_mtd() process, which leads to NULL pointer dereference.

The solution for the gluebi module is to run jffs2 on the UBI
volume without considering working with ftl or mtdblock [2].
Therefore, this problem can be avoided by preventing gluebi from
creating the mtdblock device after creating mtd partition of the
type MTD_UBIVOLUME.

Solutions

ubuntu-upgrade-linux-image-4-15-0-1133-oracleubuntu-upgrade-linux-image-4-15-0-1154-kvmubuntu-upgrade-linux-image-4-15-0-1164-gcpubuntu-upgrade-linux-image-4-15-0-1170-awsubuntu-upgrade-linux-image-4-15-0-1179-azureubuntu-upgrade-linux-image-4-15-0-227-genericubuntu-upgrade-linux-image-4-15-0-227-lowlatencyubuntu-upgrade-linux-image-4-4-0-1134-awsubuntu-upgrade-linux-image-4-4-0-1135-kvmubuntu-upgrade-linux-image-4-4-0-1172-awsubuntu-upgrade-linux-image-4-4-0-257-genericubuntu-upgrade-linux-image-4-4-0-257-lowlatencyubuntu-upgrade-linux-image-5-15-0-102-genericubuntu-upgrade-linux-image-5-15-0-102-generic-64kubuntu-upgrade-linux-image-5-15-0-102-generic-lpaeubuntu-upgrade-linux-image-5-15-0-102-lowlatencyubuntu-upgrade-linux-image-5-15-0-102-lowlatency-64kubuntu-upgrade-linux-image-5-15-0-1040-gkeopubuntu-upgrade-linux-image-5-15-0-1048-nvidiaubuntu-upgrade-linux-image-5-15-0-1048-nvidia-lowlatencyubuntu-upgrade-linux-image-5-15-0-1050-ibmubuntu-upgrade-linux-image-5-15-0-1050-raspiubuntu-upgrade-linux-image-5-15-0-1052-intel-iotgubuntu-upgrade-linux-image-5-15-0-1054-gkeubuntu-upgrade-linux-image-5-15-0-1054-kvmubuntu-upgrade-linux-image-5-15-0-1055-gcpubuntu-upgrade-linux-image-5-15-0-1055-oracleubuntu-upgrade-linux-image-5-15-0-1057-awsubuntu-upgrade-linux-image-5-15-0-1060-azureubuntu-upgrade-linux-image-5-15-0-1060-azure-fdeubuntu-upgrade-linux-image-5-4-0-1034-iotubuntu-upgrade-linux-image-5-4-0-1041-xilinx-zynqmpubuntu-upgrade-linux-image-5-4-0-1069-ibmubuntu-upgrade-linux-image-5-4-0-1082-bluefieldubuntu-upgrade-linux-image-5-4-0-1089-gkeopubuntu-upgrade-linux-image-5-4-0-1106-raspiubuntu-upgrade-linux-image-5-4-0-1110-kvmubuntu-upgrade-linux-image-5-4-0-1121-oracleubuntu-upgrade-linux-image-5-4-0-1122-awsubuntu-upgrade-linux-image-5-4-0-1126-gcpubuntu-upgrade-linux-image-5-4-0-1127-azureubuntu-upgrade-linux-image-5-4-0-175-genericubuntu-upgrade-linux-image-5-4-0-175-lowlatencyubuntu-upgrade-linux-image-5-4-0-176-genericubuntu-upgrade-linux-image-5-4-0-176-generic-lpaeubuntu-upgrade-linux-image-5-4-0-176-lowlatencyubuntu-upgrade-linux-image-6-1-0-1035-oemubuntu-upgrade-linux-image-6-5-0-1015-starfiveubuntu-upgrade-linux-image-6-5-0-1017-laptopubuntu-upgrade-linux-image-6-5-0-1018-raspiubuntu-upgrade-linux-image-6-5-0-1021-awsubuntu-upgrade-linux-image-6-5-0-1021-nvidiaubuntu-upgrade-linux-image-6-5-0-1021-nvidia-64kubuntu-upgrade-linux-image-6-5-0-1022-azureubuntu-upgrade-linux-image-6-5-0-1022-azure-fdeubuntu-upgrade-linux-image-6-5-0-1022-gcpubuntu-upgrade-linux-image-6-5-0-1024-oemubuntu-upgrade-linux-image-6-5-0-1024-oracleubuntu-upgrade-linux-image-6-5-0-1024-oracle-64kubuntu-upgrade-linux-image-6-5-0-41-genericubuntu-upgrade-linux-image-6-5-0-41-generic-64kubuntu-upgrade-linux-image-6-5-0-41-lowlatencyubuntu-upgrade-linux-image-6-5-0-41-lowlatency-64kubuntu-upgrade-linux-image-awsubuntu-upgrade-linux-image-aws-hweubuntu-upgrade-linux-image-aws-lts-18-04ubuntu-upgrade-linux-image-aws-lts-20-04ubuntu-upgrade-linux-image-aws-lts-22-04ubuntu-upgrade-linux-image-azureubuntu-upgrade-linux-image-azure-cvmubuntu-upgrade-linux-image-azure-fdeubuntu-upgrade-linux-image-azure-fde-lts-22-04ubuntu-upgrade-linux-image-azure-lts-18-04ubuntu-upgrade-linux-image-azure-lts-20-04ubuntu-upgrade-linux-image-azure-lts-22-04ubuntu-upgrade-linux-image-bluefieldubuntu-upgrade-linux-image-gcpubuntu-upgrade-linux-image-gcp-lts-18-04ubuntu-upgrade-linux-image-gcp-lts-20-04ubuntu-upgrade-linux-image-gcp-lts-22-04ubuntu-upgrade-linux-image-genericubuntu-upgrade-linux-image-generic-64kubuntu-upgrade-linux-image-generic-64k-hwe-20-04ubuntu-upgrade-linux-image-generic-64k-hwe-22-04ubuntu-upgrade-linux-image-generic-hwe-16-04ubuntu-upgrade-linux-image-generic-hwe-18-04ubuntu-upgrade-linux-image-generic-hwe-20-04ubuntu-upgrade-linux-image-generic-hwe-22-04ubuntu-upgrade-linux-image-generic-lpaeubuntu-upgrade-linux-image-generic-lpae-hwe-20-04ubuntu-upgrade-linux-image-generic-lts-xenialubuntu-upgrade-linux-image-gkeubuntu-upgrade-linux-image-gke-5-15ubuntu-upgrade-linux-image-gkeopubuntu-upgrade-linux-image-gkeop-5-15ubuntu-upgrade-linux-image-gkeop-5-4ubuntu-upgrade-linux-image-ibmubuntu-upgrade-linux-image-ibm-lts-20-04ubuntu-upgrade-linux-image-intelubuntu-upgrade-linux-image-intel-iotgubuntu-upgrade-linux-image-kvmubuntu-upgrade-linux-image-laptop-23-10ubuntu-upgrade-linux-image-lowlatencyubuntu-upgrade-linux-image-lowlatency-64kubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04ubuntu-upgrade-linux-image-lowlatency-64k-hwe-22-04ubuntu-upgrade-linux-image-lowlatency-hwe-16-04ubuntu-upgrade-linux-image-lowlatency-hwe-18-04ubuntu-upgrade-linux-image-lowlatency-hwe-20-04ubuntu-upgrade-linux-image-lowlatency-hwe-22-04ubuntu-upgrade-linux-image-lowlatency-lts-xenialubuntu-upgrade-linux-image-nvidiaubuntu-upgrade-linux-image-nvidia-6-5ubuntu-upgrade-linux-image-nvidia-64k-6-5ubuntu-upgrade-linux-image-nvidia-64k-hwe-22-04ubuntu-upgrade-linux-image-nvidia-hwe-22-04ubuntu-upgrade-linux-image-nvidia-lowlatencyubuntu-upgrade-linux-image-oemubuntu-upgrade-linux-image-oem-20-04ubuntu-upgrade-linux-image-oem-20-04bubuntu-upgrade-linux-image-oem-20-04cubuntu-upgrade-linux-image-oem-20-04dubuntu-upgrade-linux-image-oem-22-04ubuntu-upgrade-linux-image-oem-22-04aubuntu-upgrade-linux-image-oem-22-04bubuntu-upgrade-linux-image-oem-22-04cubuntu-upgrade-linux-image-oem-22-04dubuntu-upgrade-linux-image-oem-osp1ubuntu-upgrade-linux-image-oracleubuntu-upgrade-linux-image-oracle-64kubuntu-upgrade-linux-image-oracle-lts-18-04ubuntu-upgrade-linux-image-oracle-lts-20-04ubuntu-upgrade-linux-image-oracle-lts-22-04ubuntu-upgrade-linux-image-raspiubuntu-upgrade-linux-image-raspi-hwe-18-04ubuntu-upgrade-linux-image-raspi-nolpaeubuntu-upgrade-linux-image-raspi2ubuntu-upgrade-linux-image-snapdragon-hwe-18-04ubuntu-upgrade-linux-image-starfiveubuntu-upgrade-linux-image-virtualubuntu-upgrade-linux-image-virtual-hwe-16-04ubuntu-upgrade-linux-image-virtual-hwe-18-04ubuntu-upgrade-linux-image-virtual-hwe-20-04ubuntu-upgrade-linux-image-virtual-hwe-22-04ubuntu-upgrade-linux-image-virtual-lts-xenialubuntu-upgrade-linux-image-xilinx-zynqmp

References

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today