CVE-2023-52918: media: pci: cx23885: check cx23885_vdev_init() return

Description

In the Linux kernel, the following vulnerability has been resolved:

media: pci: cx23885: check cx23885_vdev_init() return

cx23885_vdev_init() can return a NULL pointer, but that pointer
is used in the next line without a check.

Add a NULL pointer check and go to the error unwind if it is NULL.

Classification

CVE ID: CVE-2023-52918

Affected Products

Vendor: Linux

Product: Linux

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 5.08% (scored less or equal to compared to others)

EPSS Date: 2025-02-04 (when was this score calculated)

References

https://git.kernel.org/stable/c/8e31b096e2e1949bc8f0be019c9ae70d414404c6
https://git.kernel.org/stable/c/199a42fc4c45e8b7f19efeb15dbc36889a599ac2
https://git.kernel.org/stable/c/e7385510e2550a9f8b6f3d5f33c5b894ab9ba976
https://git.kernel.org/stable/c/a5f1d30c51c485cec7a7de60205667c3ff86c303
https://git.kernel.org/stable/c/06ee04a907d64ee3910fecedd05d7f1be4b1b70e
https://git.kernel.org/stable/c/b1397fb4a779fca560c43d2acf6702d41b4a495b
https://git.kernel.org/stable/c/15126b916e39b0cb67026b0af3c014bfeb1f76b3

Timeline

2024-12-20 00:32:50 UTC
CVE

media: pci: cx23885: check cx23885_vdev_init() return