7.8
CVE-2023-53544
- EPSS 0.15%
- Veröffentlicht 04.10.2025 15:16:52
- Zuletzt bearbeitet 21.03.2026 00:29:58
- CVE-Watchlists
- Unerledigt
cpufreq: davinci: Fix clk use after free
In the Linux kernel, the following vulnerability has been resolved: cpufreq: davinci: Fix clk use after free The remove function first frees the clks and only then calls cpufreq_unregister_driver(). If one of the cpufreq callbacks is called just before cpufreq_unregister_driver() is run, the freed clks might be used.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 2.6.33 < 4.14.308
Linux ≫ Linux Kernel Version >= 4.15 < 6.1.16
Linux ≫ Linux Kernel Version >= 6.2 < 6.2.3
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.15% | 0.046 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-416 Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
https://git.kernel.org/stable/c/66b3bbe6fbd8dd410868e5b53ac3944a934b9310
https://git.kernel.org/stable/c/a5f024d0e6f91e05c816ad4ee8837173369dd5cb
https://git.kernel.org/stable/c/ab05ae4ab831f64bbc427592c86f599ed9c4324f
https://git.kernel.org/stable/c/5d8f384a9b4fc50f6a18405f1c08e5a87a77b5b3