LiveActive security incident?Get immediate response
CVE Record

CVE-2023-52473: thermal: core: Fix NULL pointer dereference in zone registration error path

In the Linux kernel, the following vulnerability has been resolved: thermal: core: Fix NULL pointer dereference in zone registration error path If device_register() in thermal_zone_device_register_with_trips() returns an error, the tz variable is set to NULL and subsequently dereferenced in kfree(tz->tzp). Commit adc8749b150c ("thermal/drivers/core: Use put_device() if device_register() fails") added the tz = NULL assignment in question to avoid a possible double-free after dropping the reference to the zone device. However, after commit 4649620d9404 ("thermal: core: Make thermal_zone_device_unregister() return after freeing the zone"), that assignment has become redundant, because dropping the reference to the zone device does not cause the zone object to be freed any more. Drop it to address the NULL pointer dereference.

UnknownCVSS not scoredNot KEV-listedUpdated
Glexia's TakeAutomated analysismoderate

Security readout for executives and security teams

Plain-English summary

CVE-2023-52473 is a Linux kernel bug in thermal zone registration. Under a specific error condition, the kernel can dereference a NULL pointer, which may crash the system. The public record does not show active exploitation or a CVSS score. Treat it primarily as an availability risk for Linux systems using affected kernel builds.

Executive priority

Schedule remediation through normal kernel patch cycles unless affected systems are safety-critical or availability-sensitive. Escalate priority for production, embedded, or appliance environments where a kernel crash could cause service interruption.

Technical view

In thermal_zone_device_register_with_trips(), if device_register() fails, tz is set to NULL and later tz->tzp is freed, causing a NULL pointer dereference. Kernel stable fixes remove the redundant NULL assignment. The issue is in the thermal core registration error path, not a documented remote code execution path.

Likely exposure

Exposure is limited to Linux systems running affected kernel versions or downstream builds containing the vulnerable thermal core code. The source bundle lists Linux 6.4, 6.6.14, 6.7.2, and 6.8 as affected, but downstream distribution status should be verified.

Exploitation context

No CISA KEV listing is provided, and the supplied sources do not report active exploitation. Exploitation would require triggering a device registration failure in the kernel thermal zone registration path. Public sources provided do not describe practical exploitability or attacker prerequisites.

Researcher notes

The record lacks CVSS, CWE, and detailed exploitability analysis. The bug is clearly described as a NULL pointer dereference in a cleanup/error path. Assessment should focus on reachability of thermal zone registration failure in target kernels and whether downstream vendors backported the stable commits.

Mitigation direction

  • Update to a vendor kernel containing the referenced stable thermal core fix.
  • Check Linux distribution advisories for backported fixes and affected package versions.
  • Prioritize systems where unexpected kernel crashes have high business impact.
  • If patch timing is uncertain, monitor vendor guidance for supported mitigations.

Validation and detection

  • Inventory Linux kernel versions across servers, appliances, and embedded systems.
  • Compare running kernels against distribution advisories and the referenced stable commits.
  • Confirm patched kernels are installed and active after reboot.
  • Review kernel logs for thermal zone registration failures or NULL pointer crashes.
Prepared
Confidence
medium
Sources
5

Generated from the cited source records. This long-tail analysis has not been individually reviewed by a named human.

Potential ATT&CK relevance

Conservative CVE-to-ATT&CK context

These mappings and lookup hints may be relevant to the vulnerability behavior, CWE, affected product, or exposure path. Glexia-inferred context is not an official MITRE, ATT&CK, CWE, or CVE Program mapping.

ATT&CK lookup starting points

Use these exact CWE pages and searches to review the Glexia ATT&CK library from this CVE's weakness and description context.

cve · low confidence lookup

CVE-2023-52473 mapping review

Open the CVE-to-ATT&CK bridge for reviewed, inferred, or future official mappings tied to this CVE.

Open ATT&CK lookup
Vulnerability profileCVE Program record
Severity
Unknown
CVSS
Not scored
Known Exploited
No
Published
Official CVE source material

CNA and ADP enrichment extracted from CVE v5

These fields come from the CVE record and ADP containers, not from Glexia's Take. They preserve time-varying source decisions such as CISA SSVC, KEV status, CVSS metrics, and provider references.

0CVSS vectors
3Timeline events
2ADP providers
4Source links

SSVC decision data

CISA-ADPCISA Coordinator
Timestamp
Version
2.0.3
Exploitation: noneAutomatable: noTechnical Impact: partial

Vulnerability timeline

Timeline events are normalized from CVE metadata, CNA source timelines, ADP timelines, and KEV metadata when present.

  1. CVE reservedCVE Program

    The CVE ID was reserved by the assigning CNA.

  2. CVE publishedCVE Program

    The CVE record was published.

  3. CVE updatedCVE Program

    The CVE record metadata indicates this as the latest update time.

ADP provider summaries

CISA-ADPCISA ADP Vulnrichment
other:ssvc
CVECVE Program Container
Affected products

Products and packages named in the record

VendorProductVersion / packageStatus
LinuxLinux3d439b1a2ad36c8b4ea151c8de25309d60d17407, 3d439b1a2ad36c8b4ea151c8de25309d60d17407, 3d439b1a2ad36c8b4ea151c8de25309d60d17407unaffected
LinuxLinux6.4, 0, 6.6.14, 6.7.2, 6.8affected
Weakness

CWE details

No CWE listed

CWE links open Glexia weakness intelligence pages with official CWE context, developer remediation guidance, and related CVE mappings.