CVE-2023-53555
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2023-53555
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53555.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2023-53555
- Downstream
- Published
- 2025-10-04T15:17:00Z
- Modified
- 2025-10-16T18:16:32.897771Z
- Summary
- mm/damon/core: initialize damo_filter->list from damos_new_filter()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
mm/damon/core: initialize damofilter->list from damosnew_filter()
damosnewfilter() is not initializing the list field of newly allocated filter object. However, DAMON sysfs interface and DAMONRECLAIM are not initializing it after calling damosnewfilter(). As a result, accessing uninitialized memory is possible. Actually, adding multiple DAMOS filters via DAMON sysfs interface caused NULL pointer dereferencing. Initialize the field just after the allocation from damosnew_filter().
- References
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced98def236f63c66629fb6b2d4b69cecffc5b46539Fixedda7beebb49c643cd03c54447ed66595936a7a1ce
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced98def236f63c66629fb6b2d4b69cecffc5b46539Fixed5f1fc67f2cb8d3035d3acd273b48b97835af8afd
Affected versions
v6.*
v6.2
v6.2-rc5
v6.2-rc6
v6.2-rc7
v6.2-rc8
v6.3
v6.3-rc1
v6.3-rc2
v6.3-rc3
v6.3-rc4
v6.3-rc5
v6.3-rc6
v6.3-rc7
v6.4
v6.4-rc1
v6.4-rc2
v6.4-rc3
v6.4-rc4
v6.4-rc5
v6.4-rc6
v6.4-rc7
v6.4.1
v6.4.10
v6.4.2
v6.4.3
v6.4.4
v6.4.5
v6.4.6
v6.4.7
v6.4.8
v6.4.9
v6.5-rc1
v6.5-rc2
v6.5-rc3
v6.5-rc4