7.8

CVE-2023-52840

Input: synaptics-rmi4 - fix use after free in rmi_unregister_function()

In the Linux kernel, the following vulnerability has been resolved:

Input: synaptics-rmi4 - fix use after free in rmi_unregister_function()

The put_device() calls rmi_release_function() which frees "fn" so the
dereference on the next line "fn->num_of_irqs" is a use after free.
Move the put_device() to the end to fix this.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 4.18 < 4.19.299
LinuxLinux Kernel Version >= 4.20 < 5.4.261
LinuxLinux Kernel Version >= 5.5 < 5.10.201
LinuxLinux Kernel Version >= 5.11 < 5.15.139
LinuxLinux Kernel Version >= 5.16 < 6.1.63
LinuxLinux Kernel Version >= 6.2 < 6.5.12
LinuxLinux Kernel Version >= 6.6 < 6.6.2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.24% 0.151
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

https://git.kernel.org/stable/c/2f236d8638f5b43e0c72919a6a27fe286c32053f
Patch
https://git.kernel.org/stable/c/303766bb92c5c225cf40f9bbbe7e29749406e2f2
Patch
https://git.kernel.org/stable/c/50d12253666195a14c6cd2b81c376e2dbeedbdff
Patch
https://git.kernel.org/stable/c/6c71e065befb2fae8f1461559b940c04e1071bd5
Patch
https://git.kernel.org/stable/c/7082b1fb5321037bc11ba1cf2d7ed23c6b2b521f
Patch
https://git.kernel.org/stable/c/c8e639f5743cf4b01f8c65e0df075fe4d782b585
Patch
https://git.kernel.org/stable/c/cc56c4d17721dcb10ad4e9c9266e449be1462683
Patch
https://git.kernel.org/stable/c/eb988e46da2e4eae89f5337e047ce372fe33d5b1
Patch