CVE-2023-52450

medium

Description

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/uncore: Fix NULL pointer dereference issue in upi_fill_topology() Get logical socket id instead of physical id in discover_upi_topology() to avoid out-of-bound access on 'upi = &type->topology[nid][idx];' line that leads to NULL pointer dereference in upi_fill_topology()

References

https://git.kernel.org/stable/c/bf1bf09e6b599758851457f3999779622a48d015

https://git.kernel.org/stable/c/3d6f4a78b104c65e4256c3776c9949f49a1b459e

https://git.kernel.org/stable/c/1692cf434ba13ee212495b5af795b6a07e986ce4

Details

Source: Mitre, NVD

Published: 2024-02-22

Updated: 2024-03-18

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium