CVE & CISA-KEV Catalog

CVE-2023-52889

MEDIUM
5.5
CVSS v3
NVD

Description

In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix null pointer deref when receiving skb during sock creation The panic below is observed when receiving ICMP packets with secmark set while an ICMP raw socket is being created. SK_CTX(sk)->label is updated in apparmor_socket_post_create(), but the packet is delivered to the socket before that, causing the null pointer dereference. Drop the packet if label context is not set. BUG: kernel NULL pointer dereference, address: 000000000000004c #PF: supervisor read access in kernel mode #PF: error_code(0x0000) - not-present page PGD 0 P4D 0 Oops: 0000 [#1] PREEMPT SMP NOPTI CPU: 0 PID: 407 Comm: a.out Not tainted 6.4.12-arch1-1 #1 3e6fa2753a2d75925c34ecb78e22e85a65d083df Hardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 05/28/2020 RIP: 0010:aa_label_next_confined+0xb/0x40 Code: 00 00 48 89 ef e8 d5 25 0c 00 e9 66 ff ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 0f 1f 44 00 00 89 f0 <8b> 77 4c 39 c6 7e 1f 48 63 d0 48 8d 14 d7 eb 0b 83 c0 01 48 83 c2 RSP: 0018:ffffa92940003b08 EFLAGS: 00010246 RAX: 0000000000000000 RBX: 0000000000000000 RCX: 000000000000000e RDX: ffffa92940003be8 RSI: 0000000000000000 RDI: 0000000000000000 RBP: ffff8b57471e7800 R08: ffff8b574c642400 R09: 0000000000000002 R10: ffffffffbd820eeb R11: ffffffffbeb7ff00 R12: ffff8b574c642400 R13: 0000000000000001 R14: 0000000000000001 R15: 0000000000000000 FS: 00007fb092ea7640(0000) GS:ffff8b577bc00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000000000000004c CR3: 00000001020f2005 CR4: 00000000007706f0 PKRU: 55555554 Call Trace: <IRQ> ? __die+0x23/0x70 ? page_fault_oops+0x171/0x4e0 ? exc_page_fault+0x7f/0x180 ? asm_exc_page_fault+0x26/0x30 ? aa_label_next_confined+0xb/0x40 apparmor_secmark_check+0xec/0x330 security_sock_rcv_skb+0x35/0x50 sk_filter_trim_cap+0x47/0x250 sock_queue_rcv_skb_reason+0x20/0x60 raw_rcv+0x13c/0x210 raw_local_deliver+0x1f3/0x250 ip_protocol_deliver_rcu+0x4f/0x2f0 ip_local_deliver_finish+0x76/0xa0 __netif_receive_skb_one_core+0x89/0xa0 netif_receive_skb+0x119/0x170 ? __netdev_alloc_skb+0x3d/0x140 vmxnet3_rq_rx_complete+0xb23/0x1010 [vmxnet3 56a84f9c97178c57a43a24ec073b45a9d6f01f3a] vmxnet3_poll_rx_only+0x36/0xb0 [vmxnet3 56a84f9c97178c57a43a24ec073b45a9d6f01f3a] __napi_poll+0x28/0x1b0 net_rx_action+0x2a4/0x380 __do_softirq+0xd1/0x2c8 __irq_exit_rcu+0xbb/0xf0 common_interrupt+0x86/0xa0 </IRQ> <TASK> asm_common_interrupt+0x26/0x40 RIP: 0010:apparmor_socket_post_create+0xb/0x200 Code: 08 48 85 ff 75 a1 eb b1 0f 1f 80 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 0f 1f 44 00 00 41 54 <55> 48 89 fd 53 45 85 c0 0f 84 b2 00 00 00 48 8b 1d 80 56 3f 02 48 RSP: 0018:ffffa92940ce7e50 EFLAGS: 00000286 RAX: ffffffffbc756440 RBX: 0000000000000000 RCX: 0000000000000001 RDX: 0000000000000003 RSI: 0000000000000002 RDI: ffff8b574eaab740 RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 R10: ffff8b57444cec70 R11: 0000000000000000 R12: 0000000000000003 R13: 0000000000000002 R14: ffff8b574eaab740 R15: ffffffffbd8e4748 ? __pfx_apparmor_socket_post_create+0x10/0x10 security_socket_post_create+0x4b/0x80 __sock_create+0x176/0x1f0 __sys_socket+0x89/0x100 __x64_sys_socket+0x17/0x20 do_syscall_64+0x5d/0x90 ? do_syscall_64+0x6c/0x90 ? do_syscall_64+0x6c/0x90 ? do_syscall_64+0x6c/0x90 entry_SYSCALL_64_after_hwframe+0x72/0xdc

How to fix

Remediation Available
linuxDebian
Fixed in:5.10.226-1CVE-2023-52889
Fixed in:6.1.106-1CVE-2023-52889
Fixed in:6.10.3-1CVE-2023-52889
Fixed in:6.10.3-1CVE-2023-52889
linuxUbuntu
Fixed in:5.15.0-125.135USN-7100-1
Fixed in:6.8.0-50.51USN-7154-1
linux-awsUbuntu
Fixed in:5.15.0-1072.78USN-7100-2
Fixed in:6.8.0-1020.22USN-7154-1
linux-aws-5.15Ubuntu
Fixed in:5.15.0-1072.78~20.04.1USN-7100-1
linux-aws-6.8Ubuntu
Fixed in:6.8.0-1020.22~22.04.1USN-7154-1
linux-azureUbuntu
Fixed in:5.15.0-1075.84USN-7123-1
Fixed in:6.8.0-1020.23USN-7196-1
linux-azure-5.15Ubuntu
Fixed in:5.15.0-1078.87~20.04.1USN-7194-1
linux-azure-6.8Ubuntu
Fixed in:6.8.0-1020.23~22.04.1USN-7196-1
linux-gcpUbuntu
Fixed in:5.15.0-1071.79USN-7100-1
Fixed in:6.8.0-1019.21USN-7154-1
linux-gcp-5.15Ubuntu
Fixed in:5.15.0-1071.79~20.04.1USN-7100-1
linux-gcp-6.8Ubuntu
Fixed in:6.8.0-1019.21~22.04.1USN-7154-1
linux-gkeUbuntu
Fixed in:5.15.0-1069.75USN-7100-1
Fixed in:6.8.0-1015.19USN-7154-1
linux-gkeopUbuntu
Fixed in:5.15.0-1055.62USN-7100-1
Fixed in:6.8.0-1002.4USN-7156-1
linux-gkeop-5.15Ubuntu
Fixed in:5.15.0-1055.62~20.04.1USN-7100-1
linux-hwe-5.15Ubuntu
Fixed in:5.15.0-125.135~20.04.1USN-7100-1
linux-hwe-6.8Ubuntu
Fixed in:6.8.0-50.51~22.04.1USN-7154-2
linux-ibmUbuntu
Fixed in:5.15.0-1065.68USN-7100-1
Fixed in:6.8.0-1017.17USN-7154-1
linux-ibm-5.15Ubuntu
Fixed in:5.15.0-1065.68~20.04.1USN-7100-1
linux-image-5.15.0-1038-xilinx-zynqmpUbuntu
Fixed in:5.15.0-1038.42USN-7100-1
linux-image-5.15.0-1055-gkeopUbuntu
Fixed in:5.15.0-1055.62~20.04.1USN-7100-1
Fixed in:5.15.0-1055.62USN-7100-1
linux-image-5.15.0-1065-ibmUbuntu
Fixed in:5.15.0-1065.68~20.04.1USN-7100-1
Fixed in:5.15.0-1065.68USN-7100-1
linux-image-5.15.0-1065-raspiUbuntu
Fixed in:5.15.0-1065.68USN-7100-1
linux-image-5.15.0-1067-intel-iotgUbuntu
Fixed in:5.15.0-1067.73~20.04.1USN-7144-1
Fixed in:5.15.0-1067.73USN-7144-1
linux-image-5.15.0-1067-nvidiaUbuntu
Fixed in:5.15.0-1067.68USN-7100-1
linux-image-5.15.0-1067-nvidia-lowlatencyUbuntu
Fixed in:5.15.0-1067.68USN-7100-1
linux-image-5.15.0-1069-gkeUbuntu
Fixed in:5.15.0-1069.75USN-7100-1
linux-image-5.15.0-1069-kvmUbuntu
Fixed in:5.15.0-1069.74USN-7100-1
linux-image-5.15.0-1070-oracleUbuntu
Fixed in:5.15.0-1070.76~20.04.1USN-7100-1
Fixed in:5.15.0-1070.76USN-7100-1
linux-image-5.15.0-1071-gcpUbuntu
Fixed in:5.15.0-1071.79~20.04.1USN-7100-1
Fixed in:5.15.0-1071.79USN-7100-1
linux-image-5.15.0-1072-awsUbuntu
Fixed in:5.15.0-1072.78~20.04.1USN-7100-1
Fixed in:5.15.0-1072.78USN-7100-2
linux-image-5.15.0-1075-azureUbuntu
Fixed in:5.15.0-1075.84USN-7123-1
linux-image-5.15.0-1078-azureUbuntu
Fixed in:5.15.0-1078.87~20.04.1USN-7194-1
linux-image-5.15.0-125-genericUbuntu
Fixed in:5.15.0-125.135~20.04.1USN-7100-1
Fixed in:5.15.0-125.135USN-7100-1
linux-image-5.15.0-125-generic-64kUbuntu
Fixed in:5.15.0-125.135~20.04.1USN-7100-1
Fixed in:5.15.0-125.135USN-7100-1
linux-image-5.15.0-125-generic-lpaeUbuntu
Fixed in:5.15.0-125.135~20.04.1USN-7100-1
Fixed in:5.15.0-125.135USN-7100-1
linux-image-5.15.0-125-lowlatencyUbuntu
Fixed in:5.15.0-125.135~20.04.1USN-7100-1
Fixed in:5.15.0-125.135USN-7100-1
linux-image-5.15.0-125-lowlatency-64kUbuntu
Fixed in:5.15.0-125.135~20.04.1USN-7100-1
Fixed in:5.15.0-125.135USN-7100-1
linux-image-6.8.0-1002-gkeopUbuntu
Fixed in:6.8.0-1002.4USN-7156-1
linux-image-6.8.0-1015-gkeUbuntu
Fixed in:6.8.0-1015.19USN-7154-1
linux-image-6.8.0-1016-raspiUbuntu
Fixed in:6.8.0-1016.18USN-7154-1
linux-image-6.8.0-1017-ibmUbuntu
Fixed in:6.8.0-1017.17USN-7154-1
linux-image-6.8.0-1017-oracleUbuntu
Fixed in:6.8.0-1017.18~22.04.1USN-7154-1
Fixed in:6.8.0-1017.18USN-7154-1
linux-image-6.8.0-1017-oracle-64kUbuntu
Fixed in:6.8.0-1017.18~22.04.1USN-7154-1
Fixed in:6.8.0-1017.18USN-7154-1
linux-image-6.8.0-1018-oemUbuntu
Fixed in:6.8.0-1018.18USN-7154-1
linux-image-6.8.0-1019-gcpUbuntu
Fixed in:6.8.0-1019.21~22.04.1USN-7154-1
Fixed in:6.8.0-1019.21USN-7154-1
linux-image-6.8.0-1019-nvidiaUbuntu
Fixed in:6.8.0-1019.21~22.04.1USN-7155-1
Fixed in:6.8.0-1019.21USN-7155-1
linux-image-6.8.0-1019-nvidia-64kUbuntu
Fixed in:6.8.0-1019.21~22.04.1USN-7155-1
Fixed in:6.8.0-1019.21USN-7155-1
linux-image-6.8.0-1019-nvidia-lowlatencyUbuntu
Fixed in:6.8.0-1019.21.1USN-7155-1
linux-image-6.8.0-1019-nvidia-lowlatency-64kUbuntu
Fixed in:6.8.0-1019.21.1USN-7155-1
linux-image-6.8.0-1020-awsUbuntu
Fixed in:6.8.0-1020.22~22.04.1USN-7154-1
Fixed in:6.8.0-1020.22USN-7154-1
linux-image-6.8.0-1020-azureUbuntu
Fixed in:6.8.0-1020.23~22.04.1USN-7196-1
Fixed in:6.8.0-1020.23USN-7196-1
linux-image-6.8.0-1020-azure-fdeUbuntu
Fixed in:6.8.0-1020.23~22.04.1USN-7196-1
Fixed in:6.8.0-1020.23USN-7196-1
linux-image-6.8.0-50-genericUbuntu
Fixed in:6.8.0-50.51~22.04.1USN-7154-2
Fixed in:6.8.0-50.51USN-7154-1
linux-image-6.8.0-50-generic-64kUbuntu
Fixed in:6.8.0-50.51~22.04.1USN-7154-2
Fixed in:6.8.0-50.51USN-7154-1
linux-image-6.8.0-50-lowlatencyUbuntu
Fixed in:6.8.0-50.51.1~22.04.1USN-7154-1
Fixed in:6.8.0-50.51.1USN-7154-1
linux-image-6.8.0-50-lowlatency-64kUbuntu
Fixed in:6.8.0-50.51.1~22.04.1USN-7154-1
Fixed in:6.8.0-50.51.1USN-7154-1
linux-image-awsUbuntu
Fixed in:5.15.0.1072.78~20.04.1USN-7100-1
Fixed in:6.8.0-1020.22~22.04.1USN-7154-1
Fixed in:6.8.0-1020.22USN-7154-1
linux-image-aws-lts-22.04Ubuntu
Fixed in:5.15.0.1072.72USN-7100-2
linux-image-azureUbuntu
Fixed in:5.15.0.1078.87~20.04.1USN-7194-1
Fixed in:6.8.0-1020.23~22.04.1USN-7196-1
Fixed in:6.8.0-1020.23USN-7196-1
linux-image-azure-cvmUbuntu
Fixed in:5.15.0.1078.87~20.04.1USN-7194-1
linux-image-azure-fdeUbuntu
Fixed in:6.8.0-1020.23~22.04.1USN-7196-1
Fixed in:6.8.0-1020.23USN-7196-1
linux-image-azure-lts-22.04Ubuntu
Fixed in:5.15.0.1075.73USN-7123-1
linux-image-gcpUbuntu
Fixed in:5.15.0.1071.79~20.04.1USN-7100-1
Fixed in:6.8.0-1019.21~22.04.1USN-7154-1
Fixed in:6.8.0-1019.21USN-7154-1
linux-image-gcp-lts-22.04Ubuntu
Fixed in:5.15.0.1071.67USN-7100-1
linux-image-genericUbuntu
Fixed in:5.15.0.125.124USN-7100-1
Fixed in:6.8.0-50.51USN-7154-1
linux-image-generic-64kUbuntu
Fixed in:5.15.0.125.124USN-7100-1
Fixed in:6.8.0-50.51USN-7154-1
linux-image-generic-64k-hwe-20.04Ubuntu
Fixed in:5.15.0.125.135~20.04.1USN-7100-1
linux-image-generic-64k-hwe-22.04Ubuntu
Fixed in:6.8.0-50.51~22.04.1USN-7154-2
linux-image-generic-64k-hwe-24.04Ubuntu
Fixed in:6.8.0-50.51USN-7154-1
linux-image-generic-hwe-20.04Ubuntu
Fixed in:5.15.0.125.135~20.04.1USN-7100-1
linux-image-generic-hwe-22.04Ubuntu
Fixed in:6.8.0-50.51~22.04.1USN-7154-2
linux-image-generic-hwe-24.04Ubuntu
Fixed in:6.8.0-50.51USN-7154-1
linux-image-generic-lpaeUbuntu
Fixed in:5.15.0.125.124USN-7100-1
Fixed in:6.8.0-50.51USN-7154-1
linux-image-generic-lpae-hwe-20.04Ubuntu
Fixed in:5.15.0.125.135~20.04.1USN-7100-1
linux-image-gkeUbuntu
Fixed in:5.15.0.1069.68USN-7100-1
Fixed in:6.8.0-1015.19USN-7154-1
linux-image-gke-5.15Ubuntu
Fixed in:5.15.0.1069.68USN-7100-1
linux-image-gkeopUbuntu
Fixed in:5.15.0.1055.54USN-7100-1
Fixed in:6.8.0-1002.4USN-7156-1
linux-image-gkeop-5.15Ubuntu
Fixed in:5.15.0.1055.62~20.04.1USN-7100-1
Fixed in:5.15.0.1055.54USN-7100-1
linux-image-gkeop-6.8Ubuntu
Fixed in:6.8.0-1002.4USN-7156-1
linux-image-ibmUbuntu
Fixed in:5.15.0.1065.68~20.04.1USN-7100-1
Fixed in:5.15.0.1065.61USN-7100-1
Fixed in:6.8.0-1017.17USN-7154-1
linux-image-ibm-classicUbuntu
Fixed in:6.8.0-1017.17USN-7154-1
linux-image-ibm-lts-24.04Ubuntu
Fixed in:6.8.0-1017.17USN-7154-1
linux-image-intelUbuntu
Fixed in:5.15.0.1067.73~20.04.1USN-7144-1
linux-image-intel-iotgUbuntu
Fixed in:5.15.0.1067.73~20.04.1USN-7144-1
Fixed in:5.15.0.1067.67USN-7144-1
linux-image-kvmUbuntu
Fixed in:5.15.0.1069.65USN-7100-1
Fixed in:6.8.0-50.51USN-7154-1
linux-image-lowlatencyUbuntu
Fixed in:5.15.0.125.113USN-7100-1
Fixed in:6.8.0-50.51.1USN-7154-1
linux-image-lowlatency-64kUbuntu
Fixed in:5.15.0.125.113USN-7100-1
Fixed in:6.8.0-50.51.1USN-7154-1
linux-image-lowlatency-64k-hwe-20.04Ubuntu
Fixed in:5.15.0.125.135~20.04.1USN-7100-1
linux-image-lowlatency-64k-hwe-22.04Ubuntu
Fixed in:6.8.0-50.51.1~22.04.1USN-7154-1
linux-image-lowlatency-64k-hwe-24.04Ubuntu
Fixed in:6.8.0-50.51.1USN-7154-1
linux-image-lowlatency-hwe-20.04Ubuntu
Fixed in:5.15.0.125.135~20.04.1USN-7100-1
linux-image-lowlatency-hwe-22.04Ubuntu
Fixed in:6.8.0-50.51.1~22.04.1USN-7154-1
linux-image-lowlatency-hwe-24.04Ubuntu
Fixed in:6.8.0-50.51.1USN-7154-1
linux-image-nvidiaUbuntu
Fixed in:5.15.0.1067.67USN-7100-1
Fixed in:6.8.0-1019.21USN-7155-1
linux-image-nvidia-6.8Ubuntu
Fixed in:6.8.0-1019.21~22.04.1USN-7155-1
linux-image-nvidia-64kUbuntu
Fixed in:6.8.0-1019.21USN-7155-1
linux-image-nvidia-64k-6.8Ubuntu
Fixed in:6.8.0-1019.21~22.04.1USN-7155-1
linux-image-nvidia-64k-hwe-22.04Ubuntu
Fixed in:6.8.0-1019.21~22.04.1USN-7155-1
linux-image-nvidia-hwe-22.04Ubuntu
Fixed in:6.8.0-1019.21~22.04.1USN-7155-1
linux-image-nvidia-lowlatencyUbuntu
Fixed in:5.15.0.1067.67USN-7100-1
Fixed in:6.8.0-1019.21.1USN-7155-1
linux-image-nvidia-lowlatency-64kUbuntu
Fixed in:6.8.0-1019.21.1USN-7155-1
linux-image-oem-20.04Ubuntu
Fixed in:5.15.0.125.135~20.04.1USN-7100-1
linux-image-oem-20.04bUbuntu
Fixed in:5.15.0.125.135~20.04.1USN-7100-1
linux-image-oem-20.04cUbuntu
Fixed in:5.15.0.125.135~20.04.1USN-7100-1
linux-image-oem-20.04dUbuntu
Fixed in:5.15.0.125.135~20.04.1USN-7100-1
linux-image-oem-22.04Ubuntu
Fixed in:6.8.0-50.51~22.04.1USN-7154-2
linux-image-oem-22.04aUbuntu
Fixed in:6.8.0-50.51~22.04.1USN-7154-2
linux-image-oem-22.04bUbuntu
Fixed in:6.8.0-50.51~22.04.1USN-7154-2
linux-image-oem-22.04cUbuntu
Fixed in:6.8.0-50.51~22.04.1USN-7154-2
linux-image-oem-22.04dUbuntu
Fixed in:6.8.0-50.51~22.04.1USN-7154-2
linux-image-oem-24.04Ubuntu
Fixed in:6.8.0-1018.18USN-7154-1
linux-image-oem-24.04aUbuntu
Fixed in:6.8.0-1018.18USN-7154-1
linux-image-oracleUbuntu
Fixed in:5.15.0.1070.76~20.04.1USN-7100-1
Fixed in:6.8.0-1017.18~22.04.1USN-7154-1
Fixed in:6.8.0-1017.18USN-7154-1
linux-image-oracle-64kUbuntu
Fixed in:6.8.0-1017.18~22.04.1USN-7154-1
Fixed in:6.8.0-1017.18USN-7154-1
linux-image-oracle-lts-22.04Ubuntu
Fixed in:5.15.0.1070.66USN-7100-1
linux-image-raspiUbuntu
Fixed in:5.15.0.1065.63USN-7100-1
Fixed in:6.8.0-1016.18USN-7154-1
linux-image-raspi-nolpaeUbuntu
Fixed in:5.15.0.1065.63USN-7100-1
linux-image-virtualUbuntu
Fixed in:5.15.0.125.124USN-7100-1
Fixed in:6.8.0-50.51USN-7154-1
linux-image-virtual-hwe-20.04Ubuntu
Fixed in:5.15.0.125.135~20.04.1USN-7100-1
linux-image-virtual-hwe-22.04Ubuntu
Fixed in:6.8.0-50.51~22.04.1USN-7154-2
linux-image-virtual-hwe-24.04Ubuntu
Fixed in:6.8.0-50.51USN-7154-1
linux-image-xilinx-zynqmpUbuntu
Fixed in:5.15.0.1038.42USN-7100-1
linux-intel-iotgUbuntu
Fixed in:5.15.0-1067.73USN-7144-1
linux-intel-iotg-5.15Ubuntu
Fixed in:5.15.0-1067.73~20.04.1USN-7144-1
linux-kvmUbuntu
Fixed in:5.15.0-1069.74USN-7100-1
linux-lowlatencyUbuntu
Fixed in:5.15.0-125.135USN-7100-1
Fixed in:6.8.0-50.51.1USN-7154-1
linux-lowlatency-hwe-5.15Ubuntu
Fixed in:5.15.0-125.135~20.04.1USN-7100-1
linux-lowlatency-hwe-6.8Ubuntu
Fixed in:6.8.0-50.51.1~22.04.1USN-7154-1
linux-nvidiaUbuntu
Fixed in:5.15.0-1067.68USN-7100-1
Fixed in:6.8.0-1019.21USN-7155-1
linux-nvidia-6.8Ubuntu
Fixed in:6.8.0-1019.21~22.04.1USN-7155-1
linux-nvidia-lowlatencyUbuntu
Fixed in:6.8.0-1019.21.1USN-7155-1
linux-oem-6.8Ubuntu
Fixed in:6.8.0-1018.18USN-7154-1
linux-oracleUbuntu
Fixed in:5.15.0-1070.76USN-7100-1
Fixed in:6.8.0-1017.18USN-7154-1
linux-oracle-5.15Ubuntu
Fixed in:5.15.0-1070.76~20.04.1USN-7100-1
linux-oracle-6.8Ubuntu
Fixed in:6.8.0-1017.18~22.04.1USN-7154-1
linux-raspiUbuntu
Fixed in:5.15.0-1065.68USN-7100-1
Fixed in:6.8.0-1016.18USN-7154-1
linux-xilinx-zynqmpUbuntu
Fixed in:5.15.0-1038.42USN-7100-1

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged

Impact

ConfidentialityNone
IntegrityNone
AvailabilityHigh

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploit Intelligence

0.23%probability of exploitation in 30 days
14thpercentile

Low risk: more likely to be exploited than 14% of all known CVEs.

References

Related Vulnerabilities

Other CWE-476 (NULL Pointer Dereference) vulnerabilities, ordered by exploit likelihood. View all

CVESeverityCVSSEPSSExploitedFix
CVE-2023-21758High7.592%-Fix
CVE-2023-21547High7.588%-Fix
CVE-2014-3470Medium4.386%-Fix
CVE-2021-44224High8.282%-Fix
CVE-2016-0742High7.582%-Fix
CVE-2009-1386Medium5.080%-Fix
Embed a live status badge for CVE-2023-52889
CVE-2023-52889 severity badge

Markdown

[![CVE-2023-52889](https://tridentstack.com/cve/badge/CVE-2023-52889.svg)](https://tridentstack.com/cve/CVE-2023-52889)

HTML

<a href="https://tridentstack.com/cve/CVE-2023-52889"><img src="https://tridentstack.com/cve/badge/CVE-2023-52889.svg" alt="CVE-2023-52889"></a>

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2025-11-03.