{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T07:12:19.404","vulnerabilities":[{"cve":{"id":"CVE-2023-52785","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2024-05-21T16:15:17.330","lastModified":"2025-01-14T16:34:47.027","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: core: Fix racing issue between ufshcd_mcq_abort() and ISR\n\nIf command timeout happens and cq complete IRQ is raised at the same time,\nufshcd_mcq_abort clears lprb->cmd and a NULL pointer deref happens in the\nISR. Error log:\n\nufshcd_abort: Device abort task at tag 18\nUnable to handle kernel NULL pointer dereference at virtual address\n0000000000000108\npc : [0xffffffe27ef867ac] scsi_dma_unmap+0xc/0x44\nlr : [0xffffffe27f1b898c] ufshcd_release_scsi_cmd+0x24/0x114"},{"lang":"es","value":" En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: scsi: ufs: core: soluciona el problema de ejecuciones entre ufshcd_mcq_abort() e ISR. Si se agota el tiempo de espera del comando y se genera cq complete IRQ al mismo tiempo, ufshcd_mcq_abort borra lprb->cmd y un La eliminación del puntero NULL ocurre en el ISR. Registro de errores: ufshcd_abort: tarea de cancelación del dispositivo en la etiqueta 18 No se puede manejar la desreferencia del puntero NULL del kernel en la dirección virtual 0000000000000108 pc: [0xffffffe27ef867ac] scsi_dma_unmap+0xc/0x44 lr: [0xffffffe27f1b898c] ufshcd_release_scsi_cmd+0x24 /0x114"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":4.7,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.0,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-362"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.5","versionEndExcluding":"6.5.13","matchCriteriaId":"40185741-377D-4584-81B4-36CD74A91AD7"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.6","versionEndExcluding":"6.6.3","matchCriteriaId":"B58252FA-A49C-411F-9B28-DC5FE44BC5A0"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.7:rc1:*:*:*:*:*:*","matchCriteriaId":"3A0038DE-E183-4958-A6E3-CE3821FEAFBF"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/27900d7119c464b43cd9eac69c85884d17bae240","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/8f15a7e3c054d960bbd1521110700450bbf798a1","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/f84d461f33a6b27304d468d9cfb56c0cefdb4ee7","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/27900d7119c464b43cd9eac69c85884d17bae240","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/8f15a7e3c054d960bbd1521110700450bbf798a1","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/f84d461f33a6b27304d468d9cfb56c0cefdb4ee7","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]}]}}]}