CVE-2023-52524

net: nfc: llcp: Add lock when modifying device list

Description

In the Linux kernel, the following vulnerability has been resolved: net: nfc: llcp: Add lock when modifying device list The device list needs its associated lock held when modifying it, or the list could become corrupted, as syzbot discovered.

Category

7.8
CVSS
Severity: High
CVSS 3.1 •
EPSS 0.01%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/191d87a19cf1005ecf41e1ae08d74e17379e8391 patch
https://git.kernel.org/stable/c/dba849cc98113b145c6e720122942c00b8012bdb patch
https://git.kernel.org/stable/c/4837a192f6d06d5bb2f3f47d6ce5353ab69bf86b patch
https://git.kernel.org/stable/c/7562780e32b84196731d57dd24563546fcf6d082 patch
https://git.kernel.org/stable/c/29c16c2bf5866326d5fbc4a537b3997fcac23391 patch
https://git.kernel.org/stable/c/dfc7f7a988dad34c3bf4c053124fb26aa6c5f916 patch

Frequently Asked Questions

What is the severity of CVE-2023-52524?
CVE-2023-52524 has been scored as a high severity vulnerability.
How to fix CVE-2023-52524?
To fix CVE-2023-52524, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2023-52524 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2023-52524 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2023-52524?
CVE-2023-52524 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.