CVE-2023-53044

dm stats: check for and propagate alloc_percpu failure

Description

In the Linux kernel, the following vulnerability has been resolved: dm stats: check for and propagate alloc_percpu failure Check alloc_precpu()'s return value and return an error from dm_stats_init() if it fails. Update alloc_dev() to fail if dm_stats_init() does. Otherwise, a NULL pointer dereference will occur in dm_stats_cleanup() even if dm-stats isn't being actively used.

N/A
CVSS
Severity:
EPSS 0.03%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/2287d7b721471a3d58bcd829250336e3cdf1635e
https://git.kernel.org/stable/c/0d96bd507ed7e7d565b6d53ebd3874686f123b2e
https://git.kernel.org/stable/c/4a32a9a818a895671bd43e0c40351e60e4e9140b
https://git.kernel.org/stable/c/c68f08cc745675a17894e1b4a5b5b9700ace6da4
https://git.kernel.org/stable/c/443c9d522397511a4328dc2ec3c9c63c73049756
https://git.kernel.org/stable/c/a42180dd361584816bfe15c137b665699b994d90
https://git.kernel.org/stable/c/5b66e36a3efd24041b7374432bfa4dec2ff01e95
https://git.kernel.org/stable/c/d3aa3e060c4a80827eb801fc448debc9daa7c46b

Frequently Asked Questions

What is the severity of CVE-2023-53044?
CVE-2023-53044 has not yet been assigned a CVSS score.
How to fix CVE-2023-53044?
To fix CVE-2023-53044, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2023-53044 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2023-53044 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2023-53044?
CVE-2023-53044 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.