-
CVE-2023-53479
- EPSS 0.02%
- Veröffentlicht 01.10.2025 12:15:50
- Zuletzt bearbeitet 02.10.2025 19:12:17
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- Teams Watchlist Login
- Unerledigt Login
In the Linux kernel, the following vulnerability has been resolved: cxl/acpi: Fix a use-after-free in cxl_parse_cfmws() KASAN and KFENCE detected an user-after-free in the CXL driver. This happens in the cxl_decoder_add() fail path. KASAN prints the following error: BUG: KASAN: slab-use-after-free in cxl_parse_cfmws (drivers/cxl/acpi.c:299) This happens in cxl_parse_cfmws(), where put_device() is called, releasing cxld, which is accessed later. Use the local variables in the dev_err() instead of pointing to the released memory. Since the dev_err() is printing a resource, change the open coded print format to use the %pr format specifier.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. Login
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
≫
Produkt
Linux
Default Statusunaffected
Version <
748fadc08bcbdaf573b34d9784bb3dbd87441dbf
Version
e50fe01e1f2a4aba2275edee7d5c77ac87674ddb
Status
affected
Version <
316db489647b8ddc381682597e89787eac61a278
Version
e50fe01e1f2a4aba2275edee7d5c77ac87674ddb
Status
affected
Version <
4cf67d3cc9994a59cf77bb9c0ccf9007fe916afe
Version
e50fe01e1f2a4aba2275edee7d5c77ac87674ddb
Status
affected
HerstellerLinux
≫
Produkt
Linux
Default Statusaffected
Version
6.0
Status
affected
Version <
6.0
Version
0
Status
unaffected
Version <=
6.1.*
Version
6.1.43
Status
unaffected
Version <=
6.4.*
Version
6.4.8
Status
unaffected
Version <=
*
Version
6.5
Status
unaffected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.02% | 0.044 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|