VIR Vulnerability Intelligence Relay

CVE-2023-52939

high
Published 2024-04-30 · Modified 2024-04-30
CVSS v3
VIR risk
8.0

Description

In the Linux kernel, the following vulnerability has been resolved: mm: memcg: fix NULL pointer in mem_cgroup_track_foreign_dirty_slowpath() As commit 18365225f044 ("hwpoison, memcg: forcibly uncharge LRU pages"), hwpoison will forcibly uncharg a LRU hwpoisoned page, the folio_memcg could be NULl, then, mem_cgroup_track_foreign_dirty_slowpath() could occurs a NULL pointer dereference, let's do not record the foreign writebacks for folio memcg is null in mem_cgroup_track_foreign_dirty() to fix it.

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.

OS impact
OSVersionStatusFixed in
redhat rhel9fixed
suse slesaffected
debian debianbookwormfixed6.1.11-1
debian debianbullseyeaffected
debian debianforkyfixed6.1.11-1
debian debiansidfixed6.1.11-1
debian debiantrixiefixed6.1.11-1

References

💬 Discuss CVE-2023-52939 on VIR Community →

Community-verified mitigations for this CVE will appear above when contributors publish them.

Verify integrity in audit chain (admin only). AS-IS.