ghsa-3g53-3cmj-qjrh
Vulnerability from github
Published
2025-10-01 12:30
Modified
2025-10-01 12:30
Details

In the Linux kernel, the following vulnerability has been resolved:

pwm: lpc32xx: Remove handling of PWM channels

Because LPC32xx PWM controllers have only a single output which is registered as the only PWM device/channel per controller, it is known in advance that pwm->hwpwm value is always 0. On basis of this fact simplify the code by removing operations with pwm->hwpwm, there is no controls which require channel number as input.

Even though I wasn't aware at the time when I forward ported that patch, this fixes a null pointer dereference as lpc32xx->chip.pwms is NULL before devm_pwmchip_add() is called.

Show details on source website

To clipboard 

{
  "affected": [],
  "aliases": [
    "CVE-2023-53472"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-10-01T12:15:49Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\npwm: lpc32xx: Remove handling of PWM channels\n\nBecause LPC32xx PWM controllers have only a single output which is\nregistered as the only PWM device/channel per controller, it is known in\nadvance that pwm-\u003ehwpwm value is always 0. On basis of this fact\nsimplify the code by removing operations with pwm-\u003ehwpwm, there is no\ncontrols which require channel number as input.\n\nEven though I wasn\u0027t aware at the time when I forward ported that patch,\nthis fixes a null pointer dereference as lpc32xx-\u003echip.pwms is NULL\nbefore devm_pwmchip_add() is called.",
  "id": "GHSA-3g53-3cmj-qjrh",
  "modified": "2025-10-01T12:30:29Z",
  "published": "2025-10-01T12:30:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53472"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/04301da4d87067a989f70ee56942bf9d97cd2a45"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/4aae44f65827f0213a7361cf9c32cfe06114473f"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/523f6268e86552a048975749251184c4e9a4b38f"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/5e22217c11424ef958ba28d03ff7167b4d7a8914"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a2d9d884e84bfd37892219b1f55847f36d8e9901"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a9a505f5b39d8fff1a55963a5e524c84639e98b2"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/abd9b2ee4047ccd980decbf26d61f9637604b1d5"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/e3a0ddbaf7f1f9ffc070718b417461ced3268758"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.