CVE-2023-53515

EPSS 0.02%
Veröffentlicht 01.10.2025 12:15:55
Zuletzt bearbeitet 26.01.2026 20:11:08
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

virtio-mmio: don't break lifecycle of vm_dev

vm_dev has a separate lifecycle because it has a 'struct device'
embedded. Thus, having a release callback for it is correct.

Allocating the vm_dev struct with devres totally breaks this protection,
though. Instead of waiting for the vm_dev release callback, the memory
is freed when the platform_device is removed. Resulting in a
use-after-free when finally the callback is to be called.

To easily see the problem, compile the kernel with
CONFIG_DEBUG_KOBJECT_RELEASE and unbind with sysfs.

The fix is easy, don't use devres in this case.

Found during my research about object lifetime problems.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 10

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 4.15.1 < 4.19.293

Linux ≫ Linux Kernel Version >= 4.20 < 5.4.255

Linux ≫ Linux Kernel Version >= 5.5 < 5.10.192

Linux ≫ Linux Kernel Version >= 5.11 < 5.15.128

Linux ≫ Linux Kernel Version >= 5.16 < 6.1.47

Linux ≫ Linux Kernel Version >= 6.2 < 6.4.12

Linux ≫ Linux Kernel Version4.15 Update-

Linux ≫ Linux Kernel Version4.15 Updaterc3

Linux ≫ Linux Kernel Version4.15 Updaterc4

Linux ≫ Linux Kernel Version4.15 Updaterc5

Linux ≫ Linux Kernel Version4.15 Updaterc6

Linux ≫ Linux Kernel Version4.15 Updaterc7

Linux ≫ Linux Kernel Version4.15 Updaterc8

Linux ≫ Linux Kernel Version4.15 Updaterc9

Linux ≫ Linux Kernel Version6.5 Updaterc1

Linux ≫ Linux Kernel Version6.5 Updaterc2

Linux ≫ Linux Kernel Version6.5 Updaterc3

Linux ≫ Linux Kernel Version6.5 Updaterc4

Linux ≫ Linux Kernel Version6.5 Updaterc5

Linux ≫ Linux Kernel Version6.5 Updaterc6

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.054

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

https://git.kernel.org/stable/c/2dcb368fe5a8eee498ca75c93a18ce2f3b0d6a8e

Patch

https://git.kernel.org/stable/c/3ff54d904fafabd0912796785e53cce4e69ca123

Patch

https://git.kernel.org/stable/c/55c91fedd03d7b9cf0c5199b2eb12b9b8e95281a

Patch

https://git.kernel.org/stable/c/5b7d5c2dd664eb8b9a06ecbc06e28d39359c422e

Patch

https://git.kernel.org/stable/c/97a2d55ead76358245b446efd87818e919196d7a

Patch

https://git.kernel.org/stable/c/af5818c35173e096085c6ae2e3aac605d3d15e41

Patch