-

CVE-2023-53219

EPSS 0.03%
Veröffentlicht 15.09.2025 14:21:47
Zuletzt bearbeitet 15.09.2025 15:22:27
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

media: netup_unidvb: fix use-after-free at del_timer()

When Universal DVB card is detaching, netup_unidvb_dma_fini()
uses del_timer() to stop dma->timeout timer. But when timer
handler netup_unidvb_dma_timeout() is running, del_timer()
could not stop it. As a result, the use-after-free bug could
happen. The process is shown below:

    (cleanup routine)          |        (timer routine)
                               | mod_timer(&dev->tx_sim_timer, ..)
netup_unidvb_finidev()         | (wait a time)
  netup_unidvb_dma_fini()      | netup_unidvb_dma_timeout()
    del_timer(&dma->timeout);  |
                               |   ndev->pci_dev->dev //USE

Fix by changing del_timer() to del_timer_sync().

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 11

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < dd5c77814f290b353917df329f36de1472d47154

Version 52b1eaf4c59a3bbd07afbb4ab4f43418a807d02e

Status affected

Version < 90229e9ee957d4514425e4a4d82c50ab5d57ac4d

Version 52b1eaf4c59a3bbd07afbb4ab4f43418a807d02e

Status affected

Version < 1550bcf2983ae1220cc8ab899a39a423fa7cb523

Version 52b1eaf4c59a3bbd07afbb4ab4f43418a807d02e

Status affected

Version < f9982db735a8495eee14267cf193c806b957e942

Version 52b1eaf4c59a3bbd07afbb4ab4f43418a807d02e

Status affected

Version < 051af3f0b7d1cd8ab7f3e2523ad8ae1af44caba3

Version 52b1eaf4c59a3bbd07afbb4ab4f43418a807d02e

Status affected

Version < 07821524f67bf920342bc84ae8b3dea2a315a89e

Version 52b1eaf4c59a3bbd07afbb4ab4f43418a807d02e

Status affected

Version < c8f9c05e1ebcc9c7bc211cc8b74d8fb86a8756fc

Version 52b1eaf4c59a3bbd07afbb4ab4f43418a807d02e

Status affected

Version < 0f5bb36bf9b39a2a96e730bf4455095b50713f63

Version 52b1eaf4c59a3bbd07afbb4ab4f43418a807d02e

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 4.3

Status affected

Version < 4.3

Version 0

Status unaffected

Version <= 4.14.*

Version 4.14.316

Status unaffected

Version <= 4.19.*

Version 4.19.284

Status unaffected

Version <= 5.4.*

Version 5.4.244

Status unaffected

Version <= 5.10.*

Version 5.10.181

Status unaffected

Version <= 5.15.*

Version 5.15.113

Status unaffected

Version <= 6.1.*

Version 6.1.30

Status unaffected

Version <= 6.3.*

Version 6.3.4

Status unaffected

Version <= *

Version 6.4

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.078

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/dd5c77814f290b353917df329f36de1472d47154

https://git.kernel.org/stable/c/90229e9ee957d4514425e4a4d82c50ab5d57ac4d

https://git.kernel.org/stable/c/1550bcf2983ae1220cc8ab899a39a423fa7cb523

https://git.kernel.org/stable/c/f9982db735a8495eee14267cf193c806b957e942

https://git.kernel.org/stable/c/051af3f0b7d1cd8ab7f3e2523ad8ae1af44caba3

https://git.kernel.org/stable/c/07821524f67bf920342bc84ae8b3dea2a315a89e

https://git.kernel.org/stable/c/c8f9c05e1ebcc9c7bc211cc8b74d8fb86a8756fc

https://git.kernel.org/stable/c/0f5bb36bf9b39a2a96e730bf4455095b50713f63

https://nvd.nist.gov/vuln/detail/CVE-2023-53219

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-53219

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-53219

EUVD