-
CVE-2023-53479
- EPSS 0.02%
- Published 01.10.2025 12:15:50
- Last modified 02.10.2025 19:12:17
- Source 416baaa9-dc9f-4396-8d5f-8c081f
- Teams watchlist Login
- Open Login
In the Linux kernel, the following vulnerability has been resolved: cxl/acpi: Fix a use-after-free in cxl_parse_cfmws() KASAN and KFENCE detected an user-after-free in the CXL driver. This happens in the cxl_decoder_add() fail path. KASAN prints the following error: BUG: KASAN: slab-use-after-free in cxl_parse_cfmws (drivers/cxl/acpi.c:299) This happens in cxl_parse_cfmws(), where put_device() is called, releasing cxld, which is accessed later. Use the local variables in the dev_err() instead of pointing to the released memory. Since the dev_err() is printing a resource, change the open coded print format to use the %pr format specifier.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
This information is available to logged-in users. Login
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
VendorLinux
≫
Product
Linux
Default Statusunaffected
Version <
748fadc08bcbdaf573b34d9784bb3dbd87441dbf
Version
e50fe01e1f2a4aba2275edee7d5c77ac87674ddb
Status
affected
Version <
316db489647b8ddc381682597e89787eac61a278
Version
e50fe01e1f2a4aba2275edee7d5c77ac87674ddb
Status
affected
Version <
4cf67d3cc9994a59cf77bb9c0ccf9007fe916afe
Version
e50fe01e1f2a4aba2275edee7d5c77ac87674ddb
Status
affected
VendorLinux
≫
Product
Linux
Default Statusaffected
Version
6.0
Status
affected
Version <
6.0
Version
0
Status
unaffected
Version <=
6.1.*
Version
6.1.43
Status
unaffected
Version <=
6.4.*
Version
6.4.8
Status
unaffected
Version <=
*
Version
6.5
Status
unaffected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.02% | 0.044 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|