Login Sign Up

CVE-2023-52901

5.5 MEDIUM
Denial of Service

📋 TL;DR

A NULL pointer dereference vulnerability in the Linux kernel's xHCI USB driver allows local attackers to cause a kernel panic and system crash when the host controller stops responding. This affects systems running vulnerable Linux kernel versions with xHCI USB controllers. The vulnerability requires local access to trigger.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Specific affected versions not explicitly stated in CVE, but references indicate multiple stable kernel versions were patched
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Requires xHCI USB host controller hardware and driver usage. Vulnerability triggers when controller stops responding.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system crash and denial of service, requiring physical or remote console access to reboot the system.

🟠

Likely Case

Local denial of service through kernel panic, disrupting system availability until reboot.

🟢

If Mitigated

Minimal impact with proper access controls preventing local users from triggering the condition.

🌐 Internet-Facing: LOW - Requires local access to trigger, not directly exploitable over network.
🏢 Internal Only: MEDIUM - Local users or processes could cause system crashes, but requires specific USB controller failure conditions.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local access and ability to trigger USB controller failure conditions. Not trivial to exploit intentionally.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Multiple stable kernel versions with commits referenced in CVE

Vendor Advisory: https://git.kernel.org/stable/c/08864dc14a6803f0377ca77b9740b26db30c020f

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version from your distribution's repositories. 2. Reboot system to load new kernel.

🔧 Temporary Workarounds

Restrict local access

linux

Limit local user access to systems to reduce attack surface

Disable xHCI USB controller

linux

Disable xHCI USB controller in kernel parameters if not needed (not recommended for most systems)

Add 'xhci_hcd.blacklist=yes' to kernel boot parameters

🧯 If You Can't Patch

  • Implement strict access controls to prevent unauthorized local users
  • Monitor system logs for USB controller failures and kernel panic events

🔍 How to Verify

Check if Vulnerable:

Check kernel version and compare with distribution's security advisories. Vulnerable if running unpatched kernel with xHCI USB support.

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version after update matches patched version from distribution security advisory.

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages
  • 'xhci-hcd.*not responding, assume dead' in kernel logs
  • NULL pointer dereference at address 00000000000000e8

Network Indicators:

  • None - local vulnerability only

SIEM Query:

source="kernel" AND ("xhci-hcd.*not responding" OR "NULL pointer dereference" OR "kernel panic")

📊 Metadata

CVE ID: CVE-2023-52901
CVSS v3 Score: 5.5 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE: CWE-476
Published: August 21, 2024
Last Updated: September 13, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-52901, you might also want to check these:

CVE-2022-36648 10.0

This CVE describes a vulnerability in QEMU's hardware emulation where a malformed program executed i...

Same vulnerability type (CWE-476)
CVE-2019-20914 9.8

This vulnerability in GNU LibreDWG is a NULL pointer dereference that can cause application crashes ...

Same vulnerability type (CWE-476)
CVE-2022-30592 9.8

This vulnerability in LiteSpeed QUIC (LSQUIC) before version 3.1.0 involves improper handling of MAX...

Same vulnerability type (CWE-476)