CVE-2023-52509

EPSS 0.01%
Veröffentlicht 02.03.2024 22:15:47
Zuletzt bearbeitet 11.12.2024 15:07:32
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

ravb: Fix use-after-free issue in ravb_tx_timeout_work()

The ravb_stop() should call cancel_work_sync(). Otherwise,
ravb_tx_timeout_work() is possible to use the freed priv after
ravb_remove() was called like below:

CPU0			CPU1
			ravb_tx_timeout()
ravb_remove()
unregister_netdev()
free_netdev(ndev)
// free priv
			ravb_tx_timeout_work()
			// use priv

unregister_netdev() will call .ndo_stop() so that ravb_stop() is
called. And, after phy_stop() is called, netif_carrier_off()
is also called. So that .ndo_tx_timeout() will not be called
after phy_stop().

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 9

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 4.2 < 5.4.259

Linux ≫ Linux Kernel Version >= 5.5 < 5.10.199

Linux ≫ Linux Kernel Version >= 5.11 < 5.15.136

Linux ≫ Linux Kernel Version >= 5.16 < 6.1.59

Linux ≫ Linux Kernel Version >= 6.2 < 6.5.8

Linux ≫ Linux Kernel Version6.6 Updaterc1

Linux ≫ Linux Kernel Version6.6 Updaterc2

Linux ≫ Linux Kernel Version6.6 Updaterc3

Linux ≫ Linux Kernel Version6.6 Updaterc4

Linux ≫ Linux Kernel Version6.6 Updaterc5

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.01%	0.013

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

https://git.kernel.org/stable/c/105abd68ad8f781985113aee2e92e0702b133705

Patch

https://git.kernel.org/stable/c/3971442870713de527684398416970cf025b4f89

Patch

https://git.kernel.org/stable/c/616761cf9df9af838c0a1a1232a69322a9eb67e6

Patch

https://git.kernel.org/stable/c/65d34cfd4e347054eb4193bc95d9da7eaa72dee5

Patch

https://git.kernel.org/stable/c/6f6fa8061f756aedb93af12a8a5d3cf659127965

Patch

https://git.kernel.org/stable/c/db9aafa19547833240f58c2998aed7baf414dc82

Patch

https://nvd.nist.gov/vuln/detail/CVE-2023-52509

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-52509

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-52509

EUVD