7.8
CVE-2023-52509
- EPSS 0.24%
- Veröffentlicht 02.03.2024 22:15:47
- Zuletzt bearbeitet 11.12.2024 15:07:32
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
ravb: Fix use-after-free issue in ravb_tx_timeout_work()
In the Linux kernel, the following vulnerability has been resolved: ravb: Fix use-after-free issue in ravb_tx_timeout_work() The ravb_stop() should call cancel_work_sync(). Otherwise, ravb_tx_timeout_work() is possible to use the freed priv after ravb_remove() was called like below: CPU0 CPU1 ravb_tx_timeout() ravb_remove() unregister_netdev() free_netdev(ndev) // free priv ravb_tx_timeout_work() // use priv unregister_netdev() will call .ndo_stop() so that ravb_stop() is called. And, after phy_stop() is called, netif_carrier_off() is also called. So that .ndo_tx_timeout() will not be called after phy_stop().
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 4.2 < 5.4.259
Linux ≫ Linux Kernel Version >= 5.5 < 5.10.199
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.136
Linux ≫ Linux Kernel Version >= 5.16 < 6.1.59
Linux ≫ Linux Kernel Version >= 6.2 < 6.5.8
Linux ≫ Linux Kernel Version6.6 Updaterc1
Linux ≫ Linux Kernel Version6.6 Updaterc2
Linux ≫ Linux Kernel Version6.6 Updaterc3
Linux ≫ Linux Kernel Version6.6 Updaterc4
Linux ≫ Linux Kernel Version6.6 Updaterc5
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.24% | 0.151 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-416 Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
https://git.kernel.org/stable/c/105abd68ad8f781985113aee2e92e0702b133705
https://git.kernel.org/stable/c/3971442870713de527684398416970cf025b4f89
https://git.kernel.org/stable/c/616761cf9df9af838c0a1a1232a69322a9eb67e6
https://git.kernel.org/stable/c/65d34cfd4e347054eb4193bc95d9da7eaa72dee5
https://git.kernel.org/stable/c/6f6fa8061f756aedb93af12a8a5d3cf659127965
https://git.kernel.org/stable/c/db9aafa19547833240f58c2998aed7baf414dc82