CVE-2023-53250
- Source
- https://cve.org/CVERecord?id=CVE-2023-53250
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53250.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2023-53250
- Downstream
- Related
- Published
- 2025-09-15T14:46:20.011Z
- Modified
- 2026-03-20T12:33:03.063685Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- firmware: dmi-sysfs: Fix null-ptr-deref in dmi_sysfs_register_handle
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
firmware: dmi-sysfs: Fix null-ptr-deref in dmisysfsregister_handle
KASAN reported a null-ptr-deref error:
KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f] CPU: 0 PID: 1373 Comm: modprobe Hardware name: QEMU Standard PC (i440FX + PIIX, 1996) RIP: 0010:dmisysfsentryrelease ... Call Trace: <TASK> kobjectput dmisysfsregisterhandle (drivers/firmware/dmi-sysfs.c:540) dmisysfs dmidecodetable (drivers/firmware/dmiscan.c:133) dmiwalk (drivers/firmware/dmiscan.c:1115) dmisysfsinit (drivers/firmware/dmi-sysfs.c:149) dmisysfs dooneinitcall (init/main.c:1296) ... Kernel panic - not syncing: Fatal exception Kernel Offset: 0x4000000 from 0xffffffff81000000 ---[ end Kernel panic - not syncing: Fatal exception ]---
It is because previous patch added kobjectput() to release the memory which will call dmisysfsentryrelease() and list_del().
However, listaddtail(entry->list) is called after the error block, so the list_head is uninitialized and cannot be deleted.
Move error handling to after listaddtail to fix this.
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53250.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/stable/c/18e126e97c961f7a93823795c879d7c085fe5098
- https://git.kernel.org/stable/c/5d0492d1d934642bdfd2057acc1b56f4b57be465
- https://git.kernel.org/stable/c/b4fe158259fb5fead52ff2b55841ec5c39492604
- https://git.kernel.org/stable/c/e851996b32264e78a10863c2ac41a8689d7b9252
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53250.json
- https://nvd.nist.gov/vuln/detail/CVE-2023-53250
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedfdffa4ad8f6bf1ece877edfb807f2b2c729d8578Fixedb4fe158259fb5fead52ff2b55841ec5c39492604
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced660ba678f9998aca6db74f2dd912fa5124f0fa31Fixede851996b32264e78a10863c2ac41a8689d7b9252Fixed5d0492d1d934642bdfd2057acc1b56f4b57be465Fixed18e126e97c961f7a93823795c879d7c085fe5098
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affecteda9bfb37d6ba7c376b0d53337a4c5f5ff324bd725Last affecteded38d04342dfbe9e5aca745c8b5eb4188a74f0efLast affectedc66cc3c62870a27ea8f060a7e4c1ad8d26dd3f0dLast affecteda724634b2a49f6ff0177a9e19a5a92fc1545e1b7Last affected985706bd3bbeffc8737bc05965ca8d24837bc7dbLast affected3ba359ebe914ac3f8c6c832b28007c14c39d3766Last affectedec752973aa721ee281d5441e497364637c626c7b