CVE-2023-52708

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2023-52708
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-52708.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2023-52708
Downstream
Related
Published
2024-05-21T15:22:55.975Z
Modified
2026-04-11T12:46:35.279930Z
Summary
mmc: mmc_spi: fix error handling in mmc_spi_probe()
Details

In the Linux kernel, the following vulnerability has been resolved:

mmc: mmcspi: fix error handling in mmcspi_probe()

If mmcaddhost() fails, it doesn't need to call mmcremovehost(), or it will cause null-ptr-deref, because of deleting a not added device in mmcremovehost().

To fix this, goto label 'failglueinit', if mmcaddhost() fails, and change the label 'failaddhost' to 'failgpiodrequest'.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52708.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
15a0580ced081a0f7dc2deea8a4812bdc5e9a109
Fixed
e9b488d60f51ae312006e224e03a30a151c28bdd
Fixed
0b3edcb24bd81b3b2e3dac89f4733bfd47d283be
Fixed
ecad2fafd424ffdc203b2748ded0b37e4bbecef3
Fixed
82645bf4ed02abe930a659c5fe16d593a6dbd93f
Fixed
cf4c9d2ac1e42c7d18b921bec39486896645b714

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-52708.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
2.6.24
Fixed
5.4.232
Type
ECOSYSTEM
Events
Introduced
5.5.0
Fixed
5.10.169
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.95
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.13

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-52708.json"