Huawei EulerOS: CVE-2023-52693: kernel security update

Huawei EulerOS: CVE-2023-52693: kernel security update

Severity

4

CVSS

(AV:L/AC:M/Au:N/C:P/I:P/A:P)

Published

05/17/2024

Created

10/09/2024

Added

10/08/2024

Modified

10/08/2024

Description

In the Linux kernel, the following vulnerability has been resolved: ACPI: video: check for error while searching for backlight device parent If acpi_get_parent() called in acpi_video_dev_register_backlight() fails, for example, because acpi_ut_acquire_mutex() fails inside acpi_get_parent), this can lead to incorrect (uninitialized) acpi_parent handle being passed to acpi_get_pci_dev() for detecting the parent pci device. Check acpi_get_parent() result and set parent device only in case of success. Found by Linux Verification Center (linuxtesting.org) with SVACE.

Solution(s)

• huawei-euleros-2_0_sp11-upgrade-bpftool
• huawei-euleros-2_0_sp11-upgrade-kernel
• huawei-euleros-2_0_sp11-upgrade-kernel-abi-stablelists
• huawei-euleros-2_0_sp11-upgrade-kernel-tools
• huawei-euleros-2_0_sp11-upgrade-kernel-tools-libs
• huawei-euleros-2_0_sp11-upgrade-python3-perf

References

• https://attackerkb.com/topics/cve-2023-52693
• CVE - 2023-52693
• EulerOS-SA-2024-2207