CVE-2023-52524 - Vulnerability Details

Vendors	Products
Linux	Linux Kernel

Link	Providers
https://git.kernel.org/stable/c/191d87a19cf1005ecf41e1ae08d74e17379e8391
https://git.kernel.org/stable/c/29c16c2bf5866326d5fbc4a537b3997fcac23391
https://git.kernel.org/stable/c/4837a192f6d06d5bb2f3f47d6ce5353ab69bf86b
https://git.kernel.org/stable/c/7562780e32b84196731d57dd24563546fcf6d082
https://git.kernel.org/stable/c/dba849cc98113b145c6e720122942c00b8012bdb
https://git.kernel.org/stable/c/dfc7f7a988dad34c3bf4c053124fb26aa6c5f916
https://lore.kernel.org/linux-cve-announce/2024030253-CVE-2023-52524-a5e0@gregkh/T/#u
https://nvd.nist.gov/vuln/detail/CVE-2023-52524
https://www.cve.org/CVERecord?id=CVE-2023-52524

Type	Values Removed	Values Added
First Time appeared		Linux Linux linux Kernel
Weaknesses		CWE-667
CPEs		cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:6.6:rc1:::::: cpe:2.3:o:linux:linux_kernel:6.6:rc2:::::: cpe:2.3:o:linux:linux_kernel:6.6:rc3:::::: cpe:2.3:o:linux:linux_kernel:6.6:rc4::::::
Vendors & Products		Linux Linux linux Kernel
Metrics	cvssV3_1 `{'score': 6.7, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H'}`	cvssV3_1 `{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}`

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Show plain JSON

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-52524", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-02-20T12:30:33.317Z", "datePublished": "2024-03-02T21:52:30.995Z", "dateUpdated": "2025-05-04T12:49:09.323Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T12:49:09.323Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: nfc: llcp: Add lock when modifying device list\n\nThe device list needs its associated lock held when modifying it, or the\nlist could become corrupted, as syzbot discovered."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/nfc/llcp_core.c"], "versions": [{"version": "dd6ff3f3862709ab1a12566e73b9d6a9b8f6e548", "lessThan": "191d87a19cf1005ecf41e1ae08d74e17379e8391", "status": "affected", "versionType": "git"}, {"version": "96f2c6f272ec04083d828de46285a7d7b17d1aad", "lessThan": "dba849cc98113b145c6e720122942c00b8012bdb", "status": "affected", "versionType": "git"}, {"version": "fc8429f8d86801f092fbfbd257c3af821ac0dcd3", "lessThan": "4837a192f6d06d5bb2f3f47d6ce5353ab69bf86b", "status": "affected", "versionType": "git"}, {"version": "425d9d3a92df7d96b3cfb7ee5c240293a21cbde3", "lessThan": "7562780e32b84196731d57dd24563546fcf6d082", "status": "affected", "versionType": "git"}, {"version": "6709d4b7bc2e079241fdef15d1160581c5261c10", "lessThan": "29c16c2bf5866326d5fbc4a537b3997fcac23391", "status": "affected", "versionType": "git"}, {"version": "6709d4b7bc2e079241fdef15d1160581c5261c10", "lessThan": "dfc7f7a988dad34c3bf4c053124fb26aa6c5f916", "status": "affected", "versionType": "git"}, {"version": "b3ad46e155a6d91b36c6e892019a43e3ef3c696d", "status": "affected", "versionType": "git"}, {"version": "e5207c1d69b1a9707615ab6ff9376e59fc096815", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/nfc/llcp_core.c"], "versions": [{"version": "6.5", "status": "affected"}, {"version": "0", "lessThan": "6.5", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.258", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.198", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.135", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.57", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.5.7", "lessThanOrEqual": "6.5.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.4.251", "versionEndExcluding": "5.4.258"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.10.188", "versionEndExcluding": "5.10.198"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.15.121", "versionEndExcluding": "5.15.135"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.1.39", "versionEndExcluding": "6.1.57"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.5", "versionEndExcluding": "6.5.7"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.5", "versionEndExcluding": "6.6"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.3.13"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.4.4"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/191d87a19cf1005ecf41e1ae08d74e17379e8391"}, {"url": "https://git.kernel.org/stable/c/dba849cc98113b145c6e720122942c00b8012bdb"}, {"url": "https://git.kernel.org/stable/c/4837a192f6d06d5bb2f3f47d6ce5353ab69bf86b"}, {"url": "https://git.kernel.org/stable/c/7562780e32b84196731d57dd24563546fcf6d082"}, {"url": "https://git.kernel.org/stable/c/29c16c2bf5866326d5fbc4a537b3997fcac23391"}, {"url": "https://git.kernel.org/stable/c/dfc7f7a988dad34c3bf4c053124fb26aa6c5f916"}], "title": "net: nfc: llcp: Add lock when modifying device list", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-52524", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-03-04T20:30:07.758768Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:23:00.826Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T23:03:20.704Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/191d87a19cf1005ecf41e1ae08d74e17379e8391", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/dba849cc98113b145c6e720122942c00b8012bdb", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/4837a192f6d06d5bb2f3f47d6ce5353ab69bf86b", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/7562780e32b84196731d57dd24563546fcf6d082", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/29c16c2bf5866326d5fbc4a537b3997fcac23391", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/dfc7f7a988dad34c3bf4c053124fb26aa6c5f916", "tags": ["x_transferred"]}]}]}}

{

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

cveMetadata : { »

cveId : CVE-2023-52524 (string)

assignerOrgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

state : PUBLISHED (string)

assignerShortName : Linux (string)

dateReserved : 2024-02-20T12:30:33.317Z (string)

datePublished : 2024-03-02T21:52:30.995Z (string)

dateUpdated : 2025-05-04T12:49:09.323Z (string)

}

containers : { »

cna : { »

providerMetadata : { »

orgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

shortName : Linux (string)

dateUpdated : 2025-05-04T12:49:09.323Z (string)

}

descriptions : [ »

0 : { »

lang : en (string)

value : In the Linux kernel, the following vulnerability has been resolved: net: nfc: llcp: Add lock when modifying device list The device list needs its associated lock held when modifying it, or the list could become corrupted, as syzbot discovered. (string)

}

]

affected : [ »

0 : { »

product : Linux (string)

vendor : Linux (string)

defaultStatus : unaffected (string)

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

programFiles : [ »

0 : net/nfc/llcp_core.c (string)

]

versions : [ »

0 : { »

version : dd6ff3f3862709ab1a12566e73b9d6a9b8f6e548 (string)

lessThan : 191d87a19cf1005ecf41e1ae08d74e17379e8391 (string)

status : affected (string)

versionType : git (string)

}

1 : { »

version : 96f2c6f272ec04083d828de46285a7d7b17d1aad (string)

lessThan : dba849cc98113b145c6e720122942c00b8012bdb (string)

status : affected (string)

versionType : git (string)

}

2 : { »

version : fc8429f8d86801f092fbfbd257c3af821ac0dcd3 (string)

lessThan : 4837a192f6d06d5bb2f3f47d6ce5353ab69bf86b (string)

status : affected (string)

versionType : git (string)

}

3 : { »

version : 425d9d3a92df7d96b3cfb7ee5c240293a21cbde3 (string)

lessThan : 7562780e32b84196731d57dd24563546fcf6d082 (string)

status : affected (string)

versionType : git (string)

}

4 : { »

version : 6709d4b7bc2e079241fdef15d1160581c5261c10 (string)

lessThan : 29c16c2bf5866326d5fbc4a537b3997fcac23391 (string)

status : affected (string)

versionType : git (string)

}

5 : { »

version : 6709d4b7bc2e079241fdef15d1160581c5261c10 (string)

lessThan : dfc7f7a988dad34c3bf4c053124fb26aa6c5f916 (string)

status : affected (string)

versionType : git (string)

}

6 : { »

version : b3ad46e155a6d91b36c6e892019a43e3ef3c696d (string)

status : affected (string)

versionType : git (string)

}

7 : { »

version : e5207c1d69b1a9707615ab6ff9376e59fc096815 (string)

status : affected (string)

versionType : git (string)

}

]

}

1 : { »

product : Linux (string)

vendor : Linux (string)

defaultStatus : affected (string)

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

programFiles : [ »

0 : net/nfc/llcp_core.c (string)

]

versions : [ »

0 : { »

version : 6.5 (string)

status : affected (string)

}

1 : { »

version : 0 (string)

lessThan : 6.5 (string)

status : unaffected (string)

versionType : semver (string)

}

2 : { »

version : 5.4.258 (string)

lessThanOrEqual : 5.4.* (string)

status : unaffected (string)

versionType : semver (string)

}

3 : { »

version : 5.10.198 (string)

lessThanOrEqual : 5.10.* (string)

status : unaffected (string)

versionType : semver (string)

}

4 : { »

version : 5.15.135 (string)

lessThanOrEqual : 5.15.* (string)

status : unaffected (string)

versionType : semver (string)

}

5 : { »

version : 6.1.57 (string)

lessThanOrEqual : 6.1.* (string)

status : unaffected (string)

versionType : semver (string)

}

6 : { »

version : 6.5.7 (string)

lessThanOrEqual : 6.5.* (string)

status : unaffected (string)

versionType : semver (string)

}

7 : { »

version : 6.6 (string)

lessThanOrEqual : * (string)

status : unaffected (string)

versionType : original_commit_for_fix (string)

}

]

}

]

cpeApplicability : [ »

0 : { »

nodes : [ »

0 : { »

operator : OR (string)

negate : false (boolean)

cpeMatch : [ »

0 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 5.4.251 (string)

versionEndExcluding : 5.4.258 (string)

}

1 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 5.10.188 (string)

versionEndExcluding : 5.10.198 (string)

}

2 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 5.15.121 (string)

versionEndExcluding : 5.15.135 (string)

}

3 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 6.1.39 (string)

versionEndExcluding : 6.1.57 (string)

}

4 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 6.5 (string)

versionEndExcluding : 6.5.7 (string)

}

5 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 6.5 (string)

versionEndExcluding : 6.6 (string)

}

6 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 6.3.13 (string)

}

7 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 6.4.4 (string)

}

]

}

]

}

]

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/191d87a19cf1005ecf41e1ae08d74e17379e8391 (string)

}

1 : { »

url : https://git.kernel.org/stable/c/dba849cc98113b145c6e720122942c00b8012bdb (string)

}

2 : { »

url : https://git.kernel.org/stable/c/4837a192f6d06d5bb2f3f47d6ce5353ab69bf86b (string)

}

3 : { »

url : https://git.kernel.org/stable/c/7562780e32b84196731d57dd24563546fcf6d082 (string)

}

4 : { »

url : https://git.kernel.org/stable/c/29c16c2bf5866326d5fbc4a537b3997fcac23391 (string)

}

5 : { »

url : https://git.kernel.org/stable/c/dfc7f7a988dad34c3bf4c053124fb26aa6c5f916 (string)

}

]

title : net: nfc: llcp: Add lock when modifying device list (string)

x_generator : { »

engine : bippy-1.2.0 (string)

}

adp : [ »

0 : { »

title : CISA ADP Vulnrichment (string)

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

id : CVE-2023-52524 (string)

role : CISA Coordinator (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : partial (string)

}

]

version : 2.0.3 (string)

timestamp : 2024-03-04T20:30:07.758768Z (string)

}

]

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-06-04T17:23:00.826Z (string)

}

1 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-02T23:03:20.704Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/191d87a19cf1005ecf41e1ae08d74e17379e8391 (string)

tags : [ »

0 : x_transferred (string)

]

}

1 : { »

url : https://git.kernel.org/stable/c/dba849cc98113b145c6e720122942c00b8012bdb (string)

tags : [ »

0 : x_transferred (string)

]

}

2 : { »

url : https://git.kernel.org/stable/c/4837a192f6d06d5bb2f3f47d6ce5353ab69bf86b (string)

tags : [ »

0 : x_transferred (string)

]

}

3 : { »

url : https://git.kernel.org/stable/c/7562780e32b84196731d57dd24563546fcf6d082 (string)

tags : [ »

0 : x_transferred (string)

]

}

4 : { »

url : https://git.kernel.org/stable/c/29c16c2bf5866326d5fbc4a537b3997fcac23391 (string)

tags : [ »

0 : x_transferred (string)

]

}

5 : { »

url : https://git.kernel.org/stable/c/dfc7f7a988dad34c3bf4c053124fb26aa6c5f916 (string)

tags : [ »

0 : x_transferred (string)

]

}

]

}

]

}

Show plain JSON

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/191d87a19cf1005ecf41e1ae08d74e17379e8391", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/dba849cc98113b145c6e720122942c00b8012bdb", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/4837a192f6d06d5bb2f3f47d6ce5353ab69bf86b", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/7562780e32b84196731d57dd24563546fcf6d082", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/29c16c2bf5866326d5fbc4a537b3997fcac23391", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/dfc7f7a988dad34c3bf4c053124fb26aa6c5f916", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T23:03:20.704Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-52524", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-03-04T20:30:07.758768Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-23T19:01:14.885Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"title": "net: nfc: llcp: Add lock when modifying device list", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "dd6ff3f3862709ab1a12566e73b9d6a9b8f6e548", "lessThan": "191d87a19cf1005ecf41e1ae08d74e17379e8391", "versionType": "git"}, {"status": "affected", "version": "96f2c6f272ec04083d828de46285a7d7b17d1aad", "lessThan": "dba849cc98113b145c6e720122942c00b8012bdb", "versionType": "git"}, {"status": "affected", "version": "fc8429f8d86801f092fbfbd257c3af821ac0dcd3", "lessThan": "4837a192f6d06d5bb2f3f47d6ce5353ab69bf86b", "versionType": "git"}, {"status": "affected", "version": "425d9d3a92df7d96b3cfb7ee5c240293a21cbde3", "lessThan": "7562780e32b84196731d57dd24563546fcf6d082", "versionType": "git"}, {"status": "affected", "version": "6709d4b7bc2e079241fdef15d1160581c5261c10", "lessThan": "29c16c2bf5866326d5fbc4a537b3997fcac23391", "versionType": "git"}, {"status": "affected", "version": "6709d4b7bc2e079241fdef15d1160581c5261c10", "lessThan": "dfc7f7a988dad34c3bf4c053124fb26aa6c5f916", "versionType": "git"}, {"status": "affected", "version": "b3ad46e155a6d91b36c6e892019a43e3ef3c696d", "versionType": "git"}, {"status": "affected", "version": "e5207c1d69b1a9707615ab6ff9376e59fc096815", "versionType": "git"}], "programFiles": ["net/nfc/llcp_core.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "6.5"}, {"status": "unaffected", "version": "0", "lessThan": "6.5", "versionType": "semver"}, {"status": "unaffected", "version": "5.4.258", "versionType": "semver", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.198", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.135", "versionType": "semver", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.57", "versionType": "semver", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.5.7", "versionType": "semver", "lessThanOrEqual": "6.5.*"}, {"status": "unaffected", "version": "6.6", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["net/nfc/llcp_core.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/191d87a19cf1005ecf41e1ae08d74e17379e8391"}, {"url": "https://git.kernel.org/stable/c/dba849cc98113b145c6e720122942c00b8012bdb"}, {"url": "https://git.kernel.org/stable/c/4837a192f6d06d5bb2f3f47d6ce5353ab69bf86b"}, {"url": "https://git.kernel.org/stable/c/7562780e32b84196731d57dd24563546fcf6d082"}, {"url": "https://git.kernel.org/stable/c/29c16c2bf5866326d5fbc4a537b3997fcac23391"}, {"url": "https://git.kernel.org/stable/c/dfc7f7a988dad34c3bf4c053124fb26aa6c5f916"}], "x_generator": {"engine": "bippy-1.2.0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: nfc: llcp: Add lock when modifying device list\n\nThe device list needs its associated lock held when modifying it, or the\nlist could become corrupted, as syzbot discovered."}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.4.258", "versionStartIncluding": "5.4.251"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.10.198", "versionStartIncluding": "5.10.188"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.15.135", "versionStartIncluding": "5.15.121"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.1.57", "versionStartIncluding": "6.1.39"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.5.7", "versionStartIncluding": "6.5"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.6", "versionStartIncluding": "6.5"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionStartIncluding": "6.3.13"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionStartIncluding": "6.4.4"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T12:49:09.323Z"}}}, "cveMetadata": {"cveId": "CVE-2023-52524", "state": "PUBLISHED", "dateUpdated": "2025-05-04T12:49:09.323Z", "dateReserved": "2024-02-20T12:30:33.317Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-03-02T21:52:30.995Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{

dataType : CVE_RECORD (string)

containers : { »

adp : [ »

0 : { »

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/191d87a19cf1005ecf41e1ae08d74e17379e8391 (string)

tags : [ »

0 : x_transferred (string)

]

}

1 : { »

url : https://git.kernel.org/stable/c/dba849cc98113b145c6e720122942c00b8012bdb (string)

tags : [ »

0 : x_transferred (string)

]

}

2 : { »

url : https://git.kernel.org/stable/c/4837a192f6d06d5bb2f3f47d6ce5353ab69bf86b (string)

tags : [ »

0 : x_transferred (string)

]

}

3 : { »

url : https://git.kernel.org/stable/c/7562780e32b84196731d57dd24563546fcf6d082 (string)

tags : [ »

0 : x_transferred (string)

]

}

4 : { »

url : https://git.kernel.org/stable/c/29c16c2bf5866326d5fbc4a537b3997fcac23391 (string)

tags : [ »

0 : x_transferred (string)

]

}

5 : { »

url : https://git.kernel.org/stable/c/dfc7f7a988dad34c3bf4c053124fb26aa6c5f916 (string)

tags : [ »

0 : x_transferred (string)

]

}

]

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-02T23:03:20.704Z (string)

}

1 : { »

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

id : CVE-2023-52524 (string)

role : CISA Coordinator (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : partial (string)

}

]

version : 2.0.3 (string)

timestamp : 2024-03-04T20:30:07.758768Z (string)

}

]

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-05-23T19:01:14.885Z (string)

}

title : CISA ADP Vulnrichment (string)

}

]

cna : { »

title : net: nfc: llcp: Add lock when modifying device list (string)

affected : [ »

0 : { »

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

vendor : Linux (string)

product : Linux (string)

versions : [ »

0 : { »

status : affected (string)

version : dd6ff3f3862709ab1a12566e73b9d6a9b8f6e548 (string)

lessThan : 191d87a19cf1005ecf41e1ae08d74e17379e8391 (string)

versionType : git (string)

}

1 : { »

status : affected (string)

version : 96f2c6f272ec04083d828de46285a7d7b17d1aad (string)

lessThan : dba849cc98113b145c6e720122942c00b8012bdb (string)

versionType : git (string)

}

2 : { »

status : affected (string)

version : fc8429f8d86801f092fbfbd257c3af821ac0dcd3 (string)

lessThan : 4837a192f6d06d5bb2f3f47d6ce5353ab69bf86b (string)

versionType : git (string)

}

3 : { »

status : affected (string)

version : 425d9d3a92df7d96b3cfb7ee5c240293a21cbde3 (string)

lessThan : 7562780e32b84196731d57dd24563546fcf6d082 (string)

versionType : git (string)

}

4 : { »

status : affected (string)

version : 6709d4b7bc2e079241fdef15d1160581c5261c10 (string)

lessThan : 29c16c2bf5866326d5fbc4a537b3997fcac23391 (string)

versionType : git (string)

}

5 : { »

status : affected (string)

version : 6709d4b7bc2e079241fdef15d1160581c5261c10 (string)

lessThan : dfc7f7a988dad34c3bf4c053124fb26aa6c5f916 (string)

versionType : git (string)

}

6 : { »

status : affected (string)

version : b3ad46e155a6d91b36c6e892019a43e3ef3c696d (string)

versionType : git (string)

}

7 : { »

status : affected (string)

version : e5207c1d69b1a9707615ab6ff9376e59fc096815 (string)

versionType : git (string)

}

]

programFiles : [ »

0 : net/nfc/llcp_core.c (string)

]

defaultStatus : unaffected (string)

}

1 : { »

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

vendor : Linux (string)

product : Linux (string)

versions : [ »

0 : { »

status : affected (string)

version : 6.5 (string)

}

1 : { »

status : unaffected (string)

version : 0 (string)

lessThan : 6.5 (string)

versionType : semver (string)

}

2 : { »

status : unaffected (string)

version : 5.4.258 (string)

versionType : semver (string)

lessThanOrEqual : 5.4.* (string)

}

3 : { »

status : unaffected (string)

version : 5.10.198 (string)

versionType : semver (string)

lessThanOrEqual : 5.10.* (string)

}

4 : { »

status : unaffected (string)

version : 5.15.135 (string)

versionType : semver (string)

lessThanOrEqual : 5.15.* (string)

}

5 : { »

status : unaffected (string)

version : 6.1.57 (string)

versionType : semver (string)

lessThanOrEqual : 6.1.* (string)

}

6 : { »

status : unaffected (string)

version : 6.5.7 (string)

versionType : semver (string)

lessThanOrEqual : 6.5.* (string)

}

7 : { »

status : unaffected (string)

version : 6.6 (string)

versionType : original_commit_for_fix (string)

lessThanOrEqual : * (string)

}

]

programFiles : [ »

0 : net/nfc/llcp_core.c (string)

]

defaultStatus : affected (string)

}

]

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/191d87a19cf1005ecf41e1ae08d74e17379e8391 (string)

}

1 : { »

url : https://git.kernel.org/stable/c/dba849cc98113b145c6e720122942c00b8012bdb (string)

}

2 : { »

url : https://git.kernel.org/stable/c/4837a192f6d06d5bb2f3f47d6ce5353ab69bf86b (string)

}

3 : { »

url : https://git.kernel.org/stable/c/7562780e32b84196731d57dd24563546fcf6d082 (string)

}

4 : { »

url : https://git.kernel.org/stable/c/29c16c2bf5866326d5fbc4a537b3997fcac23391 (string)

}

5 : { »

url : https://git.kernel.org/stable/c/dfc7f7a988dad34c3bf4c053124fb26aa6c5f916 (string)

}

]

x_generator : { »

engine : bippy-1.2.0 (string)

}

descriptions : [ »

0 : { »

lang : en (string)

value : In the Linux kernel, the following vulnerability has been resolved: net: nfc: llcp: Add lock when modifying device list The device list needs its associated lock held when modifying it, or the list could become corrupted, as syzbot discovered. (string)

}

]

cpeApplicability : [ »

0 : { »

nodes : [ »

0 : { »

negate : false (boolean)

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 5.4.258 (string)

versionStartIncluding : 5.4.251 (string)

}

1 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 5.10.198 (string)

versionStartIncluding : 5.10.188 (string)

}

2 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 5.15.135 (string)

versionStartIncluding : 5.15.121 (string)

}

3 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 6.1.57 (string)

versionStartIncluding : 6.1.39 (string)

}

4 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 6.5.7 (string)

versionStartIncluding : 6.5 (string)

}

5 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 6.6 (string)

versionStartIncluding : 6.5 (string)

}

6 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionStartIncluding : 6.3.13 (string)

}

7 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionStartIncluding : 6.4.4 (string)

}

]

operator : OR (string)

}

]

}

]

providerMetadata : { »

orgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

shortName : Linux (string)

dateUpdated : 2025-05-04T12:49:09.323Z (string)

}

cveMetadata : { »

cveId : CVE-2023-52524 (string)

state : PUBLISHED (string)

dateUpdated : 2025-05-04T12:49:09.323Z (string)

dateReserved : 2024-02-20T12:30:33.317Z (string)

assignerOrgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

datePublished : 2024-03-02T21:52:30.995Z (string)

assignerShortName : Linux (string)

}

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "CEF23E2F-2D7D-429D-9A9D-3C3037DDF337", "versionEndExcluding": "5.4.258", "versionStartIncluding": "5.4.251", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "7BF9EEBD-3033-41C3-9E3C-16AFB9AF75A7", "versionEndExcluding": "5.10.198", "versionStartIncluding": "5.10.188", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "C2FDE0B2-2B57-44AB-9D8B-CB4E865DEB90", "versionEndExcluding": "5.15.135", "versionStartIncluding": "5.15.121", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "52806B93-9F14-4809-8A4B-10AC41AC10D1", "versionEndExcluding": "6.1.57", "versionStartIncluding": "6.1.39", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "237658B4-9F55-44A1-8440-9BFCDD0E6390", "versionEndExcluding": "6.5.7", "versionStartIncluding": "6.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.6:rc1:*:*:*:*:*:*", "matchCriteriaId": "84267A4F-DBC2-444F-B41D-69E15E1BEC97", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.6:rc2:*:*:*:*:*:*", "matchCriteriaId": "FB440208-241C-4246-9A83-C1715C0DAA6C", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.6:rc3:*:*:*:*:*:*", "matchCriteriaId": "0DC421F1-3D5A-4BEF-BF76-4E468985D20B", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.6:rc4:*:*:*:*:*:*", "matchCriteriaId": "00AB783B-BE05-40E8-9A55-6AA457D95031", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: nfc: llcp: Add lock when modifying device list\n\nThe device list needs its associated lock held when modifying it, or the\nlist could become corrupted, as syzbot discovered."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: nfc: llcp: Agregar bloqueo al modificar la lista de dispositivos La lista de dispositivos necesita mantener su bloqueo asociado al modificarla, o la lista podr\u00eda corromperse, como descubri\u00f3 syzbot."}], "id": "CVE-2023-52524", "lastModified": "2025-01-13T20:00:51.600", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-03-02T22:15:48.263", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/191d87a19cf1005ecf41e1ae08d74e17379e8391"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/29c16c2bf5866326d5fbc4a537b3997fcac23391"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/4837a192f6d06d5bb2f3f47d6ce5353ab69bf86b"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/7562780e32b84196731d57dd24563546fcf6d082"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/dba849cc98113b145c6e720122942c00b8012bdb"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/dfc7f7a988dad34c3bf4c053124fb26aa6c5f916"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/191d87a19cf1005ecf41e1ae08d74e17379e8391"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/29c16c2bf5866326d5fbc4a537b3997fcac23391"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/4837a192f6d06d5bb2f3f47d6ce5353ab69bf86b"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/7562780e32b84196731d57dd24563546fcf6d082"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/dba849cc98113b145c6e720122942c00b8012bdb"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/dfc7f7a988dad34c3bf4c053124fb26aa6c5f916"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-667"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : CEF23E2F-2D7D-429D-9A9D-3C3037DDF337 (string)

versionEndExcluding : 5.4.258 (string)

versionStartIncluding : 5.4.251 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 7BF9EEBD-3033-41C3-9E3C-16AFB9AF75A7 (string)

versionEndExcluding : 5.10.198 (string)

versionStartIncluding : 5.10.188 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : C2FDE0B2-2B57-44AB-9D8B-CB4E865DEB90 (string)

versionEndExcluding : 5.15.135 (string)

versionStartIncluding : 5.15.121 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 52806B93-9F14-4809-8A4B-10AC41AC10D1 (string)

versionEndExcluding : 6.1.57 (string)

versionStartIncluding : 6.1.39 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 237658B4-9F55-44A1-8440-9BFCDD0E6390 (string)

versionEndExcluding : 6.5.7 (string)

versionStartIncluding : 6.5 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:o:linux:linux_kernel:6.6:rc1:*:*:*:*:*:* (string)

matchCriteriaId : 84267A4F-DBC2-444F-B41D-69E15E1BEC97 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:o:linux:linux_kernel:6.6:rc2:*:*:*:*:*:* (string)

matchCriteriaId : FB440208-241C-4246-9A83-C1715C0DAA6C (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:o:linux:linux_kernel:6.6:rc3:*:*:*:*:*:* (string)

matchCriteriaId : 0DC421F1-3D5A-4BEF-BF76-4E468985D20B (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:o:linux:linux_kernel:6.6:rc4:*:*:*:*:*:* (string)

matchCriteriaId : 00AB783B-BE05-40E8-9A55-6AA457D95031 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : In the Linux kernel, the following vulnerability has been resolved: net: nfc: llcp: Add lock when modifying device list The device list needs its associated lock held when modifying it, or the list could become corrupted, as syzbot discovered. (string)

}

1 : { »

lang : es (string)

value : En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: nfc: llcp: Agregar bloqueo al modificar la lista de dispositivos La lista de dispositivos necesita mantener su bloqueo asociado al modificarla, o la lista podría corromperse, como descubrió syzbot. (string)

}

]

id : CVE-2023-52524 (string)

lastModified : 2025-01-13T20:00:51.600 (string)

metrics : { »

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : LOCAL (string)

availabilityImpact : HIGH (string)

baseScore : 7.8 (number)

baseSeverity : HIGH (string)

confidentialityImpact : HIGH (string)

integrityImpact : HIGH (string)

privilegesRequired : LOW (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 1.8 (number)

impactScore : 5.9 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2024-03-02T22:15:48.263 (string)

references : [ »

0 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/191d87a19cf1005ecf41e1ae08d74e17379e8391 (string)

}

1 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/29c16c2bf5866326d5fbc4a537b3997fcac23391 (string)

}

2 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/4837a192f6d06d5bb2f3f47d6ce5353ab69bf86b (string)

}

3 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/7562780e32b84196731d57dd24563546fcf6d082 (string)

}

4 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/dba849cc98113b145c6e720122942c00b8012bdb (string)

}

5 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/dfc7f7a988dad34c3bf4c053124fb26aa6c5f916 (string)

}

6 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/191d87a19cf1005ecf41e1ae08d74e17379e8391 (string)

}

7 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/29c16c2bf5866326d5fbc4a537b3997fcac23391 (string)

}

8 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/4837a192f6d06d5bb2f3f47d6ce5353ab69bf86b (string)

}

9 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/7562780e32b84196731d57dd24563546fcf6d082 (string)

}

10 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/dba849cc98113b145c6e720122942c00b8012bdb (string)

}

11 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/dfc7f7a988dad34c3bf4c053124fb26aa6c5f916 (string)

}

]

sourceIdentifier : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

vulnStatus : Analyzed (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-667 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Show plain JSON

{"bugzilla": {"description": "kernel: net: nfc: llcp: Add lock when modifying device list", "id": "2267793", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267793"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.7", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "status": "draft"}, "cwe": "CWE-414", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nnet: nfc: llcp: Add lock when modifying device list\nThe device list needs its associated lock held when modifying it, or the\nlist could become corrupted, as syzbot discovered.", "A flaw was found in the net:nfc:llcp component in the Linux kernel that could allow for potential data corruption when the device list is accessed and modified, as there are no locks present to avoid concurrent modifications."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2023-52524", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-03-02T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-52524\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-52524\nhttps://lore.kernel.org/linux-cve-announce/2024030253-CVE-2023-52524-a5e0@gregkh/T/#u"], "statement": "Red Hat Enterprise Linux 8 and 9 are not affected by this vulnerability.", "threat_severity": "Moderate"}

{

bugzilla : { »

description : kernel: net: nfc: llcp: Add lock when modifying device list (string)

id : 2267793 (string)

url : https://bugzilla.redhat.com/show_bug.cgi?id=2267793 (string)

}

csaw : false (boolean)

cvss3 : { »

cvss3_base_score : 6.7 (string)

cvss3_scoring_vector : CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H (string)

status : draft (string)

}

cwe : CWE-414 (string)

details : [ »

0 : In the Linux kernel, the following vulnerability has been resolved: net: nfc: llcp: Add lock when modifying device list The device list needs its associated lock held when modifying it, or the list could become corrupted, as syzbot discovered. (string)

1 : A flaw was found in the net:nfc:llcp component in the Linux kernel that could allow for potential data corruption when the device list is accessed and modified, as there are no locks present to avoid concurrent modifications. (string)

]

mitigation : { »

lang : en:us (string)

value : Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability. (string)

}

name : CVE-2023-52524 (string)

package_state : [ »

0 : { »

cpe : cpe:/o:redhat:enterprise_linux:6 (string)

fix_state : Not affected (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 6 (string)

}

1 : { »

cpe : cpe:/o:redhat:enterprise_linux:7 (string)

fix_state : Not affected (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 7 (string)

}

2 : { »

cpe : cpe:/o:redhat:enterprise_linux:7 (string)

fix_state : Not affected (string)

package_name : kernel-rt (string)

product_name : Red Hat Enterprise Linux 7 (string)

}

3 : { »

cpe : cpe:/o:redhat:enterprise_linux:8 (string)

fix_state : Not affected (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 8 (string)

}

4 : { »

cpe : cpe:/o:redhat:enterprise_linux:8 (string)

fix_state : Not affected (string)

package_name : kernel-rt (string)

product_name : Red Hat Enterprise Linux 8 (string)

}

5 : { »

cpe : cpe:/o:redhat:enterprise_linux:9 (string)

fix_state : Not affected (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 9 (string)

}

6 : { »

cpe : cpe:/o:redhat:enterprise_linux:9 (string)

fix_state : Not affected (string)

package_name : kernel-rt (string)

product_name : Red Hat Enterprise Linux 9 (string)

}

]

public_date : 2024-03-02T00:00:00Z (string)

references : [ »

0 : https://www.cve.org/CVERecord?id=CVE-2023-52524 https://nvd.nist.gov/vuln/detail/CVE-2023-52524 https://lore.kernel.org/linux-cve-announce/2024030253-CVE-2023-52524-a5e0@gregkh/T/#u (string)

]

statement : Red Hat Enterprise Linux 8 and 9 are not affected by this vulnerability. (string)

threat_severity : Moderate (string)

}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object