Login Sign Up

CVE-2023-52679

7.8 HIGH
Denial of Service

📋 TL;DR

A double-free vulnerability in the Linux kernel's device tree parsing code allows memory corruption when processing malformed device tree data. This affects all Linux systems using the vulnerable kernel version. Attackers could potentially exploit this to crash the system or execute arbitrary code.

💻 Affected Systems

Products:
  • Linux Kernel
Versions: Specific affected versions not specified in CVE, but patches exist in stable branches. Likely affects multiple kernel versions before fixes were backported.
Operating Systems: All Linux distributions using vulnerable kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Requires device tree functionality to be used. Embedded systems and ARM-based systems commonly use device trees.

📦 What is this software?

Debian Linux by Debian

View all CVEs affecting Debian Linux →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel memory corruption leading to arbitrary code execution with kernel privileges, resulting in complete system compromise.

🟠

Likely Case

Kernel panic or system crash causing denial of service, potentially requiring physical access to restart.

🟢

If Mitigated

Limited impact if system has kernel hardening features like KASLR and SMEP/SMAP enabled.

🌐 Internet-Facing: LOW - Requires local access or ability to supply malicious device tree data.
🏢 Internal Only: MEDIUM - Local users or processes could potentially trigger the vulnerability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: HIGH

Exploitation requires detailed knowledge of kernel memory management and ability to trigger the specific code path with controlled data.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Multiple stable kernel versions with commits: 26b4d702c44f9e5cf3c5c001ae619a4a001889db, 4541004084527ce9e95a818ebbc4e6b293ffca21, 4dde83569832f9377362e50f7748463340c5db6b, a0a061151a6200c13149dbcdb6c065203c8425d2, b64d09a4e8596f76d27f4b4a90a1cf6baf6a82f8

Vendor Advisory: https://git.kernel.org/stable/c/26b4d702c44f9e5cf3c5c001ae619a4a001889db

Restart Required: Yes

Instructions:

1. Update to latest kernel version from your distribution. 2. Apply specific kernel patches if available. 3. Reboot system to load new kernel.

🔧 Temporary Workarounds

Disable device tree functionality

linux

Prevent use of device tree parsing if not required (not recommended for most systems)

🧯 If You Can't Patch

  • Restrict local user access to prevent untrusted users from triggering the vulnerability
  • Implement kernel hardening features like KASLR, SMEP, SMAP to reduce exploit impact

🔍 How to Verify

Check if Vulnerable:

Check kernel version and compare with patched versions from distribution vendor. Run: uname -r

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version after update matches patched version. Check if specific commit is present in kernel source.

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages
  • OOPs (kernel crash) logs
  • System crash/reboot events

Network Indicators:

  • None - local vulnerability

SIEM Query:

Search for kernel panic or OOPs messages in system logs

📊 Metadata

CVE ID: CVE-2023-52679
CVSS v3 Score: 7.8 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-415
Published: May 17, 2024
Last Updated: January 10, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-52679, you might also want to check these:

CVE-2020-35885 9.8

This vulnerability in the alpm-rs Rust crate allows double-free memory corruption due to improper de...

Same vulnerability type (CWE-415)
CVE-2021-29940 9.8

This vulnerability in the Rust 'through' crate allows double-free memory corruption when the map fun...

Same vulnerability type (CWE-415)
CVE-2023-49937 9.8

This CVE describes a double-free vulnerability in SchedMD Slurm workload manager that allows attacke...

Same vulnerability type (CWE-415)