vulnerability
Ubuntu: (CVE-2023-52459): linux-raspi-realtime vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:S/C:N/I:N/A:C) | Feb 23, 2024 | Feb 11, 2025 | Apr 16, 2026 |
Severity
5
CVSS
(AV:L/AC:L/Au:S/C:N/I:N/A:C)
Published
Feb 23, 2024
Added
Feb 11, 2025
Modified
Apr 16, 2026
Description
In the Linux kernel, the following vulnerability has been resolved:
media: v4l: async: Fix duplicated list deletion
The list deletion call dropped here is already called from the
helper function in the line before. Having a second list_del()
call results in either a warning (with CONFIG_DEBUG_LIST=y):
list_del corruption, c46c8198->next is LIST_POISON1 (00000100)
If CONFIG_DEBUG_LIST is disabled the operation results in a
kernel error due to NULL pointer dereference.
Solution
ubuntu-upgrade-linux-raspi-realtime
References
- CVE-2023-52459
- https://attackerkb.com/topics/CVE-2023-52459
- CWE-476
- EUVD-EUVD-2023-57084
- https://euvd.enisa.europa.eu/vulnerability/EUVD-2023-57084
- https://git.kernel.org/stable/c/3de6ee94aae701fa949cd3b5df6b6a440ddfb8f2
- https://git.kernel.org/stable/c/49d82811428469566667f22749610b8c132cdb3e
- https://git.kernel.org/stable/c/b7062628caeaec90e8f691ebab2d70f31b7b6b91
- https://www.cve.org/CVERecord?id=CVE-2023-52459
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.