CVE-2023-53336 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: media: ipu-bridge: Fix null pointer deref on SSDB/PLD parsing warnings When ipu_bridge_parse_rotation() and ipu_bridge_parse_orientation() run sensor->adev is not set yet. So if either of the dev_warn() calls about unknown values are hit this will lead to a NULL pointer deref. Set sensor->adev earlier, with a borrowed ref to avoid making unrolling on errors harder, to fix this.

PUBLISHED Reserved 2025-09-16 | Published 2025-09-17 | Updated 2025-09-17 | Assigner Linux

Product status

Default status

unaffected

485aa3df0dffa62d347ea4e0116f549338accc59 (git) before 3de35e29cfddfe6bff762b15bcfe8d80bebac6cb

affected

485aa3df0dffa62d347ea4e0116f549338accc59 (git) before e08b091e33ecf6e4cb2c0c5820a69abe7673280b

affected

485aa3df0dffa62d347ea4e0116f549338accc59 (git) before 284be5693163343e1cf17c03917eecd1d6681bcf

affected

Default status

affected

5.16

affected

Any version before 5.16

unaffected

6.4.16 (semver)

unaffected

6.5.3 (semver)

unaffected

6.6 (original_commit_for_fix)

unaffected

References

git.kernel.org/...c/3de35e29cfddfe6bff762b15bcfe8d80bebac6cb

git.kernel.org/...c/e08b091e33ecf6e4cb2c0c5820a69abe7673280b

git.kernel.org/...c/284be5693163343e1cf17c03917eecd1d6681bcf

cve.org (CVE-2023-53336)

nvd.nist.gov (CVE-2023-53336)

Download JSON

help @ threatint.eu