github - ghsa-3m82-8cm9-hcf4

ghsa-3m82-8cm9-hcf4

Vulnerability from github

Published

2025-09-17 15:30

Modified

2025-09-17 15:30

Details

In the Linux kernel, the following vulnerability has been resolved:

regulator: da9063: better fix null deref with partial DT

Two versions of the original patch were sent but V1 was merged instead of V2 due to a mistake.

So update to V2.

The advantage of V2 is that it completely avoids dereferencing the pointer, even just to take the address, which may fix problems with some compilers. Both versions work on my gcc 9.4 but use the safer one.

Show details on source website

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2023-53364"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-09-17T15:15:40Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nregulator: da9063: better fix null deref with partial DT\n\nTwo versions of the original patch were sent but V1 was merged instead\nof V2 due to a mistake.\n\nSo update to V2.\n\nThe advantage of V2 is that it completely avoids dereferencing the pointer,\neven just to take the address, which may fix problems with some compilers.\nBoth versions work on my gcc 9.4 but use the safer one.",
  "id": "GHSA-3m82-8cm9-hcf4",
  "modified": "2025-09-17T15:30:39Z",
  "published": "2025-09-17T15:30:39Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53364"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/30c694fd4a99fbbc4115d180156ca01b60953371"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/aa402a3b553bd4829f4504058d53b0351c66c9d4"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CVE-2023-53364 (GCVE-0-2023-53364)

Vulnerability from cvelistv5

Published

2025-09-17 14:56

Modified

2025-09-17 14:56

Severity ?

Summary

In the Linux kernel, the following vulnerability has been resolved: regulator: da9063: better fix null deref with partial DT Two versions of the original patch were sent but V1 was merged instead of V2 due to a mistake. So update to V2. The advantage of V2 is that it completely avoids dereferencing the pointer, even just to take the address, which may fix problems with some compilers. Both versions work on my gcc 9.4 but use the safer one.

References

URL

Tags

	https://git.kernel.org/stable/c/aa402a3b553bd4829f4504058d53b0351c66c9d4
	https://git.kernel.org/stable/c/30c694fd4a99fbbc4115d180156ca01b60953371

Impacted products

Vendor

Product

Version

Version: 04a025b17d83d07924e5e32508c72536ab8f42d9
Version: 98e2dd5f7a8be5cb2501a897e96910393a49f0ff

Version: 6.4.7 ≤

Show details on NVD website

To clipboard

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/regulator/da9063-regulator.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "aa402a3b553bd4829f4504058d53b0351c66c9d4",
              "status": "affected",
              "version": "04a025b17d83d07924e5e32508c72536ab8f42d9",
              "versionType": "git"
            },
            {
              "lessThan": "30c694fd4a99fbbc4115d180156ca01b60953371",
              "status": "affected",
              "version": "98e2dd5f7a8be5cb2501a897e96910393a49f0ff",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/regulator/da9063-regulator.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "6.4.12",
              "status": "affected",
              "version": "6.4.7",
              "versionType": "semver"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.4.12",
                  "versionStartIncluding": "6.4.7",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nregulator: da9063: better fix null deref with partial DT\n\nTwo versions of the original patch were sent but V1 was merged instead\nof V2 due to a mistake.\n\nSo update to V2.\n\nThe advantage of V2 is that it completely avoids dereferencing the pointer,\neven just to take the address, which may fix problems with some compilers.\nBoth versions work on my gcc 9.4 but use the safer one."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-09-17T14:56:53.120Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/aa402a3b553bd4829f4504058d53b0351c66c9d4"
        },
        {
          "url": "https://git.kernel.org/stable/c/30c694fd4a99fbbc4115d180156ca01b60953371"
        }
      ],
      "title": "regulator: da9063: better fix null deref with partial DT",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-53364",
    "datePublished": "2025-09-17T14:56:53.120Z",
    "dateReserved": "2025-09-17T14:54:09.733Z",
    "dateUpdated": "2025-09-17T14:56:53.120Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Log in or create an account to share your comment.

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.