CVE-2023-52459

Source
https://nvd.nist.gov/vuln/detail/CVE-2023-52459
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-52459.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2023-52459
Downstream
Related
Published
2024-02-23T14:46:21Z
Modified
2025-10-08T15:33:05.617461Z
Summary
media: v4l: async: Fix duplicated list deletion
Details

In the Linux kernel, the following vulnerability has been resolved:

media: v4l: async: Fix duplicated list deletion

The list deletion call dropped here is already called from the helper function in the line before. Having a second listdel() call results in either a warning (with CONFIGDEBUG_LIST=y):

listdel corruption, c46c8198->next is LISTPOISON1 (00000100)

If CONFIGDEBUGLIST is disabled the operation results in a kernel error due to NULL pointer dereference.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
28a1295795d85a25f2e7dd391c43969e95fcb341
Fixed
b7062628caeaec90e8f691ebab2d70f31b7b6b91
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
28a1295795d85a25f2e7dd391c43969e95fcb341
Fixed
49d82811428469566667f22749610b8c132cdb3e
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
28a1295795d85a25f2e7dd391c43969e95fcb341
Fixed
3de6ee94aae701fa949cd3b5df6b6a440ddfb8f2

Affected versions

v6.*

v6.5
v6.5-rc2
v6.5-rc3
v6.5-rc4
v6.5-rc5
v6.5-rc6
v6.5-rc7
v6.6
v6.6-rc1
v6.6-rc2
v6.6-rc3
v6.6-rc4
v6.6-rc5
v6.6-rc6
v6.6-rc7
v6.6.1
v6.6.10
v6.6.11
v6.6.12
v6.6.13
v6.6.2
v6.6.3
v6.6.4
v6.6.5
v6.6.6
v6.6.7
v6.6.8
v6.6.9
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.7.1

Database specific

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 673.0,
                "function_hash": "312727021452839136689790239100327315326"
            },
            "id": "CVE-2023-52459-0adb2fcc",
            "signature_version": "v1",
            "deprecated": false,
            "signature_type": "Function",
            "target": {
                "function": "v4l2_async_unregister_subdev",
                "file": "drivers/media/v4l2-core/v4l2-async.c"
            },
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3de6ee94aae701fa949cd3b5df6b6a440ddfb8f2"
        },
        {
            "digest": {
                "line_hashes": [
                    "144818502249641348033395686373518946323",
                    "235509503961851575746878392358304277558",
                    "318888434849942791287399737870775019716",
                    "215832408338834780656025404117335188470"
                ],
                "threshold": 0.9
            },
            "id": "CVE-2023-52459-0d4e6b83",
            "signature_version": "v1",
            "deprecated": false,
            "signature_type": "Line",
            "target": {
                "file": "drivers/media/v4l2-core/v4l2-async.c"
            },
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b7062628caeaec90e8f691ebab2d70f31b7b6b91"
        },
        {
            "digest": {
                "line_hashes": [
                    "144818502249641348033395686373518946323",
                    "235509503961851575746878392358304277558",
                    "318888434849942791287399737870775019716",
                    "215832408338834780656025404117335188470"
                ],
                "threshold": 0.9
            },
            "id": "CVE-2023-52459-593d2b21",
            "signature_version": "v1",
            "deprecated": false,
            "signature_type": "Line",
            "target": {
                "file": "drivers/media/v4l2-core/v4l2-async.c"
            },
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3de6ee94aae701fa949cd3b5df6b6a440ddfb8f2"
        },
        {
            "digest": {
                "length": 673.0,
                "function_hash": "312727021452839136689790239100327315326"
            },
            "id": "CVE-2023-52459-8b6c03a9",
            "signature_version": "v1",
            "deprecated": false,
            "signature_type": "Function",
            "target": {
                "function": "v4l2_async_unregister_subdev",
                "file": "drivers/media/v4l2-core/v4l2-async.c"
            },
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b7062628caeaec90e8f691ebab2d70f31b7b6b91"
        },
        {
            "digest": {
                "line_hashes": [
                    "144818502249641348033395686373518946323",
                    "235509503961851575746878392358304277558",
                    "318888434849942791287399737870775019716",
                    "215832408338834780656025404117335188470"
                ],
                "threshold": 0.9
            },
            "id": "CVE-2023-52459-bf2079c4",
            "signature_version": "v1",
            "deprecated": false,
            "signature_type": "Line",
            "target": {
                "file": "drivers/media/v4l2-core/v4l2-async.c"
            },
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@49d82811428469566667f22749610b8c132cdb3e"
        },
        {
            "digest": {
                "length": 673.0,
                "function_hash": "312727021452839136689790239100327315326"
            },
            "id": "CVE-2023-52459-c73b4b2b",
            "signature_version": "v1",
            "deprecated": false,
            "signature_type": "Function",
            "target": {
                "function": "v4l2_async_unregister_subdev",
                "file": "drivers/media/v4l2-core/v4l2-async.c"
            },
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@49d82811428469566667f22749610b8c132cdb3e"
        }
    ]
}

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.6.0
Fixed
6.6.14
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.7.2