vulnerability
Ubuntu: (CVE-2023-52459): linux-raspi-realtime vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:S/C:N/I:N/A:C) | Feb 23, 2024 | Feb 11, 2025 | Aug 18, 2025 |
Severity
5
CVSS
(AV:L/AC:L/Au:S/C:N/I:N/A:C)
Published
Feb 23, 2024
Added
Feb 11, 2025
Modified
Aug 18, 2025
Description
In the Linux kernel, the following vulnerability has been resolved:
media: v4l: async: Fix duplicated list deletion
The list deletion call dropped here is already called from the
helper function in the line before. Having a second list_del()
call results in either a warning (with CONFIG_DEBUG_LIST=y):
list_del corruption, c46c8198->next is LIST_POISON1 (00000100)
If CONFIG_DEBUG_LIST is disabled the operation results in a
kernel error due to NULL pointer dereference.
Solution
ubuntu-upgrade-linux-raspi-realtime
References
- CVE-2023-52459
- https://attackerkb.com/topics/CVE-2023-52459
- CWE-476
- URL-https://git.kernel.org/stable/c/3de6ee94aae701fa949cd3b5df6b6a440ddfb8f2
- URL-https://git.kernel.org/stable/c/49d82811428469566667f22749610b8c132cdb3e
- URL-https://git.kernel.org/stable/c/b7062628caeaec90e8f691ebab2d70f31b7b6b91
- URL-https://www.cve.org/CVERecord?id=CVE-2023-52459
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.