{"id":"CVE-2023-28328","details":"A NULL pointer dereference flaw was found in the az6027 driver in drivers/media/usb/dev-usb/az6027.c in the Linux Kernel. The message from user space is not checked properly before transferring into the device. This flaw allows a local user to crash the system or potentially cause a denial of service.","modified":"2026-03-13T07:33:08.640306Z","published":"2023-04-19T23:15:07.163Z","related":["ALSA-2023:7077","SUSE-SU-2023:1608-1","SUSE-SU-2023:1609-1","SUSE-SU-2023:1710-1","SUSE-SU-2023:1800-1","SUSE-SU-2023:1801-1","SUSE-SU-2023:1803-1","SUSE-SU-2023:1811-1","SUSE-SU-2023:1848-1","SUSE-SU-2023:1892-1","SUSE-SU-2023:1894-1","SUSE-SU-2023:2232-1","SUSE-SU-2023:2506-1","SUSE-SU-2023:2805-1","SUSE-SU-2025:03613-1","SUSE-SU-2025:03614-1","SUSE-SU-2025:03615-1","SUSE-SU-2025:03626-1","SUSE-SU-2025:03628-1","SUSE-SU-2025:3716-1","SUSE-SU-2025:3761-1","SUSE-SU-2025:4315-1"],"references":[{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html"},{"type":"FIX","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2177389"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"6.2"}]},{"events":[{"introduced":"0"},{"last_affected":"8.0"}]}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-28328.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}