Description

In the Linux kernel, the following vulnerability has been resolved: efi: fix potential NULL deref in efi_mem_reserve_persistent When iterating on a linked list, a result of memremap is dereferenced without checking it for NULL. This patch adds a check that falls back on allocating a new page in case memremap doesn't succeed. Found by Linux Verification Center (linuxtesting.org) with SVACE. [ardb: return -ENOMEM instead of breaking out of the loop]

INFO

Published Date :

2025-03-27T16:43:16.596Z

Last Modified :

2025-10-01T17:22:10.974Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2023-52976 vulnerability.

Vendors Products
Linux
  • Linux Kernel
Redhat
  • Enterprise Linux
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2023-52976.

URL Resource
https://git.kernel.org/stable/c/87d4ff18738fd71e7e3c10827c80257da6283697 cve-icon cve-icon
https://git.kernel.org/stable/c/966d47e1f27c45507c5df82b2a2157e5a4fd3909 cve-icon cve-icon
https://git.kernel.org/stable/c/a2e6a9ff89f13666a1c3ff7195612ab949ea9afc cve-icon cve-icon
https://git.kernel.org/stable/c/d8fc0b5fb3e816a4a8684bcd3ed02cbef0fce23c cve-icon cve-icon
https://git.kernel.org/stable/c/d92a25627bcdf264183670da73c9a60c0bac327e cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025032704-CVE-2023-52976-eda3@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2023-52976 cve-icon
https://www.cve.org/CVERecord?id=CVE-2023-52976 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact