CVE-2023-52584

EPSS 0.05%
Veröffentlicht 06.03.2024 07:15:07
Zuletzt bearbeitet 14.03.2025 18:58:42
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

spmi: mediatek: Fix UAF on device remove

The pmif driver data that contains the clocks is allocated along with
spmi_controller.
On device remove, spmi_controller will be freed first, and then devres
, including the clocks, will be cleanup.
This leads to UAF because putting the clocks will access the clocks in
the pmif driver data, which is already freed along with spmi_controller.

This can be reproduced by enabling DEBUG_TEST_DRIVER_REMOVE and
building the kernel with KASAN.

Fix the UAF issue by using unmanaged clk_bulk_get() and putting the
clocks before freeing spmi_controller.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 7

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version < 6.1.77

Linux ≫ Linux Kernel Version >= 6.2 < 6.6.16

Linux ≫ Linux Kernel Version >= 6.7 < 6.7.4

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.05%	0.142

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0	3.8	1.2	2.5	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N

CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

https://git.kernel.org/stable/c/521f28eedd6b14228c46e3b81e3bf9b90c2818d8

Patch

https://git.kernel.org/stable/c/9a3881b1f07db1bb55cb0108e6f05cfd027eaf2e

Patch

https://git.kernel.org/stable/c/e821d50ab5b956ed0effa49faaf29912fd4106d9

Patch

https://git.kernel.org/stable/c/f8dcafcb54632536684336161da8bdd52120f95e

Patch

https://nvd.nist.gov/vuln/detail/CVE-2023-52584

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-52584

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-52584

EUVD