CVE-2023-52524

7.8 HIGH

📋 TL;DR

A race condition vulnerability in the Linux kernel's NFC LLCP subsystem allows local attackers to corrupt the device list by modifying it without proper locking. This affects Linux systems with NFC functionality enabled, potentially leading to denial of service or privilege escalation. The vulnerability requires local access to exploit.

💻 Affected Systems

Products:
  • Linux Kernel
Versions: Specific affected versions not explicitly stated in CVE, but patches exist in stable kernel trees. Likely affects versions before the fix commits.
Operating Systems: Linux distributions using vulnerable kernel versions
Default Config Vulnerable: ✅ No
Notes: Only vulnerable if NFC (Near Field Communication) functionality is enabled and compiled into the kernel. Many servers and cloud instances may not have NFC enabled.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...


⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel panic or system crash leading to denial of service, or potential privilege escalation if combined with other vulnerabilities.

🟠

Likely Case

System instability, kernel crashes, or denial of service affecting NFC functionality.

🟢

If Mitigated

Minimal impact if NFC is disabled or proper access controls restrict local user privileges.

🌐 Internet-Facing: LOW - This is a local vulnerability; exploitation requires access to the system.
🏢 Internal Only: MEDIUM - Internal users with local access could exploit this to cause system instability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires local access and knowledge of race condition timing. Syzbot discovered the issue through fuzzing.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Patched in stable kernel commits: 191d87a19cf1, 29c16c2bf586, 4837a192f6d0, 7562780e32b8, dba849cc9811

Vendor Advisory: https://git.kernel.org/stable/c/191d87a19cf1005ecf41e1ae08d74e17379e8391

Restart Required: Yes

Instructions:

1. Update to a patched Linux kernel version containing the fixes.
2. Check your distribution's security advisories for specific package updates.
3. Reboot the system after kernel update.

🔧 Temporary Workarounds

Disable NFC functionality

Remove or disable NFC kernel modules if not needed

rmmod nfc
rmmod llcp
echo 'blacklist nfc' >> /etc/modprobe.d/blacklist.conf
echo 'blacklist llcp' >> /etc/modprobe.d/blacklist.conf

🧯 If You Can't Patch

  • Disable NFC functionality if not required for system operation
  • Restrict local user access and implement strict privilege separation

🔍 How to Verify

Check if Vulnerable:

Check if NFC modules are loaded: lsmod | grep -E 'nfc|llcp'. Check kernel version against patched versions.

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version is updated to include the fix commits. Check that NFC modules can be loaded without issues.
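
The module and configuration checks above can be scripted. The following is an added example, not part of the advisory: it classifies NFC exposure from lsmod output and a kernel config file, and it does not decide whether the fix commits are present. The function names are hypothetical, the sample input is constructed, and /boot/config-$(uname -r) is an assumed config location that varies by distribution.

```shell
#!/bin/sh
# Added example: classify NFC exposure from `lsmod` text and kernel config text.
# Function names are hypothetical; this does not check for the fix commits.

# Constructed sample: nfc itself is not loaded, but the substring "nfc"
# appears in a made-up driver name, which a plain `grep nfc` would match.
SAMPLE_LSMOD='Module                  Size  Used by
nfc_example_drv        16384  0
rfkill                 32768  1 nfc_example_drv'

# Succeeds only if a module named exactly "nfc" is listed (first column).
nfc_loaded() {
    printf '%s\n' "$1" | awk '$1 == "nfc" { found = 1 } END { exit !found }'
}

# Prints builtin, module or absent from the CONFIG_NFC line of a kernel config.
# The trailing "=" keeps CONFIG_NFC_DIGITAL and similar options from matching.
nfc_config() {
    case "$(printf '%s\n' "$1" | grep -E '^CONFIG_NFC=' | head -n 1)" in
        CONFIG_NFC=y) echo builtin ;;
        CONFIG_NFC=m) echo module ;;
        *)            echo absent ;;
    esac
}

# Prints one of:
#   builtin   - compiled in, cannot be unloaded; only a patched kernel helps
#   loaded    - nfc module is in memory now
#   loadable  - built as a module, not loaded; blocking the module applies
#   not-built - no NFC support in this kernel build
nfc_exposure() {
    cfg=$(nfc_config "$2")
    if [ "$cfg" = builtin ]; then
        echo builtin
    elif nfc_loaded "$1"; then
        echo loaded
    elif [ "$cfg" = module ]; then
        echo loadable
    else
        echo not-built
    fi
}

# Live check on the current host (assumed config path), only on request.
if [ "${1:-}" = "--live" ]; then
    nfc_exposure "$(lsmod)" "$(cat "/boot/config-$(uname -r)" 2>/dev/null)"
fi
```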

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages
  • System crash logs
  • NFC-related error messages in dmesg

Network Indicators:

  • None - this is a local vulnerability

SIEM Query:

Search for kernel panic events or NFC module crash logs in system logs
