How severe is CVE-2023-52502?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.3 out of 10.

What type of vulnerability is CVE-2023-52502?

This is classified as CWE-362, which is a common weakness in software security.

CVE-2023-52502

MEDIUM Year: 2023

CVSS v3 Score

6.3

Medium

Weakness Type

CWE-362

View all →

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: net: nfc: fix races in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() Sili Luo reported a race in nfc_llcp_sock_get(), leading to UAF. Getting a reference on the socket found in a lookup while holding a lock should happen before releasing the lock. nfc_llcp_sock_get_sn() has a similar problem. Finally nfc_llcp_recv_snl() needs to make sure the socket found by nfc_llcp_sock_from_sn() does not disappear.

CVE-2016-1975

MEDIUM

CVSS:6.3(Medium)

Multiple race conditions in dom/media/systemservices/CamerasChild.cpp in the WebRTC implementation in Mozilla Firefox before 45.0 on Windows might allow remote attackers to cause a denial of service (...

CWE-3622016

CVE-2016-7777

MEDIUM

CVSS:6.3(Medium)

Xen 4.7.x and earlier does not properly honor CR0.TS and CR0.EM, which allows local x86 HVM guest OS users to read or modify FPU, MMX, or XMM register state information belonging to arbitrary tasks on...

CWE-3622016

CVE-2018-12633

MEDIUM

CVSS:6.3(Medium)

An issue was discovered in the Linux kernel through 4.17.2. vbg_misc_device_ioctl() in drivers/virt/vboxguest/vboxguest_linux.c reads the same user data twice with copy_from_user. The header part of t...

CWE-3622018

CVE-2020-10737

MEDIUM

CVSS:6.3(Medium)

A race condition was found in the mkhomedir tool shipped with the oddjob package in versions before 0.34.5 and 0.34.6 wherein, during the home creation, mkhomedir copies the /etc/skel directory into t...

CWE-3622020

CVE-2020-1839

MEDIUM

CVSS:6.3(Medium)

HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have a race condition vulnerability. There is a timing window exists in which certain pointer members can be modified by another proce...

CWE-3622020

CVE-2020-25653

MEDIUM

CVSS:6.3(Medium)

A race condition vulnerability was found in the way the spice-vdagentd daemon handled new client connections. This flaw may allow an unprivileged local guest user to become the active agent for spice-...

CWE-3622020

CVE-2023-52502

Vulnerability Description

Related Vulnerabilities

CVE-2016-1975

CVE-2016-7777

CVE-2018-12633

CVE-2020-10737

CVE-2020-1839

CVE-2020-25653