Vulnerability DatabaseCVE-2023-52692
Mend.io Vulnerability Database
The largest open source vulnerability database
What is a Vulnerability ID?
New vulnerability? Tell us about it!
CVE-2023-52692
May 17, 2024
In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Add missing error check to scarlett2_usb_set_config() scarlett2_usb_set_config() calls scarlett2_usb_get() but was not checking the result. Return the error if it fails rather than continuing with an invalid value.
Related Resources (8)
https://git.kernel.org/stable/c/ca459dfa7d4ed9098fcf13e410963be6ae9b6bf3
https://git.kernel.org/stable/c/be96acd3eaa790d10a5b33e65267f52d02f6ad88
https://nvd.nist.gov/vuln/detail/CVE-2023-52692
https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52692.json
https://git.kernel.org/stable/c/996fde492ad9b9563ee483b363af40d7696a8467
https://git.kernel.org/stable/c/51d5697e1c0380d482c3eab002bfc8d0be177e99
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
https://git.kernel.org/stable/c/145c5aa51486171025ab47f35cff34bff8d0cea3
Do you need more information?
Contact Us
CVSS v4
Base Score:
6.8
Attack Vector
LOCAL
Attack Complexity
LOW
Attack Requirements
NONE
Privileges Required
LOW
User Interaction
NONE
Vulnerable System Confidentiality
NONE
Vulnerable System Integrity
NONE
Vulnerable System Availability
HIGH
Subsequent System Confidentiality
NONE
Subsequent System Integrity
NONE
Subsequent System Availability
NONE
CVSS v3
Base Score:
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
HIGH
Weakness Type (CWE)
Unchecked Return Value
CWE-252
EPSS
Base Score:
0.02