7.8

CVE-2023-53084

drm/shmem-helper: Remove another errant put in error path

In the Linux kernel, the following vulnerability has been resolved:

drm/shmem-helper: Remove another errant put in error path

drm_gem_shmem_mmap() doesn't own reference in error code path, resulting
in the dma-buf shmem GEM object getting prematurely freed leading to a
later use-after-free.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.9.5 < 5.10
LinuxLinux Kernel Version >= 5.10.1 < 5.10.176
LinuxLinux Kernel Version >= 5.11 < 5.15.104
LinuxLinux Kernel Version >= 5.16 < 6.1.21
LinuxLinux Kernel Version >= 6.2 < 6.2.8
LinuxLinux Kernel Version5.10 Update-
LinuxLinux Kernel Version5.10 Updaterc2
LinuxLinux Kernel Version5.10 Updaterc3
LinuxLinux Kernel Version5.10 Updaterc4
LinuxLinux Kernel Version5.10 Updaterc5
LinuxLinux Kernel Version5.10 Updaterc6
LinuxLinux Kernel Version5.10 Updaterc7
LinuxLinux Kernel Version6.3 Updaterc1
LinuxLinux Kernel Version6.3 Updaterc2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.17% 0.066
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

https://git.kernel.org/stable/c/684c7372bbd6447c2e86a2a84e97a1478604d21f
Patch
https://git.kernel.org/stable/c/5cfb617967b05f8f27e862c97db1fabd8485f4db
Patch
https://git.kernel.org/stable/c/dede8c14a37a7ac458f9add56154a074ed78e7cf
Patch
https://git.kernel.org/stable/c/77d26c824aa5a7e0681ef1d5b75fe538d746addc
Patch
https://git.kernel.org/stable/c/ee9adb7a45516cfa536ca92253d7ae59d56db9e4
Patch