Login Sign Up

CVE-2023-52868

7.8 HIGH
Denial of Service Buffer Overflow

📋 TL;DR

This CVE describes a buffer overflow vulnerability in the Linux kernel's thermal subsystem. The vulnerability occurs when sprintf() functions attempt to format device IDs that could be larger than expected, potentially allowing local attackers to cause kernel crashes or execute arbitrary code. All Linux systems using affected kernel versions are potentially vulnerable.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Specific affected versions not explicitly stated in CVE, but references indicate fixes in stable kernel trees. Likely affects multiple kernel versions before fixes were backported.
Operating Systems: Linux distributions using vulnerable kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Requires thermal subsystem to be enabled/used. Most Linux systems have this enabled by default for hardware monitoring.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Local privilege escalation to root, kernel panic causing system crash, or arbitrary code execution in kernel context leading to complete system compromise.

🟠

Likely Case

Kernel panic leading to denial of service (system crash) requiring reboot, or local privilege escalation if combined with other vulnerabilities.

🟢

If Mitigated

System crash requiring reboot, but no privilege escalation if kernel protections like KASLR and SMAP are enabled.

🌐 Internet-Facing: LOW - This is a local vulnerability requiring access to the system, not remotely exploitable.
🏢 Internal Only: MEDIUM - Local users or processes could exploit this, but requires existing access to the system.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires local access and knowledge of kernel internals. No public exploits known at this time.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Patches available in stable kernel trees referenced in CVE links

Vendor Advisory: https://git.kernel.org/stable/c/0f6b3be28c4d62ef6498133959c72266629bea97

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version from your distribution's repositories. 2. For custom kernels, apply patches from kernel.org stable trees. 3. Reboot system to load new kernel.

🔧 Temporary Workarounds

Disable thermal subsystem

linux

Disable the thermal subsystem if not needed, though this may affect hardware monitoring and thermal management.

echo 'blacklist thermal' > /etc/modprobe.d/disable-thermal.conf
update-initramfs -u
reboot

🧯 If You Can't Patch

  • Restrict local user access to minimize attack surface
  • Enable kernel hardening features like KASLR, SMEP, SMAP if available

🔍 How to Verify

Check if Vulnerable:

Check kernel version and compare with distribution's security advisories. Vulnerable if using unpatched kernel with thermal subsystem enabled.

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version after update matches patched version from distribution security advisory.

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages in /var/log/kern.log or dmesg
  • System crash/reboot events without clear cause

Network Indicators:

  • None - local vulnerability only

SIEM Query:

source="kernel" AND ("panic" OR "Oops" OR "general protection fault") AND process="thermal"

📊 Metadata

CVE ID: CVE-2023-52868
CVSS v3 Score: 7.8 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-787
Published: May 21, 2024
Last Updated: September 26, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-52868, you might also want to check these:

CVE-2019-5684 10.0

This vulnerability in NVIDIA Windows GPU Display Drivers allows specially crafted DirectX shaders to...

Same vulnerability type (CWE-787)
CVE-2022-43604 10.0

CVE-2022-43604 is a critical out-of-bounds write vulnerability in the OpENer EtherNet/IP stack that ...

Same vulnerability type (CWE-787)
CVE-2019-5049 10.0

This vulnerability allows an attacker to execute arbitrary code on systems with vulnerable AMD graph...

Same vulnerability type (CWE-787)