{"id":"AZL-71888","summary":"CVE-2023-53332 affecting package kernel 5.15.200.1-1","details":"In the Linux kernel, the following vulnerability has been resolved:\n\ngenirq/ipi: Fix NULL pointer deref in irq_data_get_affinity_mask()\n\nIf ipi_send_{mask|single}() is called with an invalid interrupt number, all\nthe local variables there will be NULL. ipi_send_verify() which is invoked\nfrom these functions does verify its 'data' parameter, resulting in a\nkernel oops in irq_data_get_affinity_mask() as the passed NULL pointer gets\ndereferenced.\n\nAdd a missing NULL pointer check in ipi_send_verify()...\n\nFound by Linux Verification Center (linuxtesting.org) with the SVACE static\nanalysis tool.","modified":"2026-04-01T05:22:06.470562Z","published":"2025-09-16T17:15:39Z","upstream":["CVE-2023-53332"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-53332"}],"affected":[{"package":{"name":"kernel","ecosystem":"Azure Linux:2","purl":"pkg:rpm/azure-linux/kernel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"last_affected":"5.15.200.1-1"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-71888.json"}}],"schema_version":"1.7.5"}