CVE-2023-1118
kernel: use-after-free in drivers/media/rc/ene_ir.c due to race condition
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A flaw use after free in the Linux kernel integrated infrared receiver/transceiver driver was found in the way user detaching rc device. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.
A use-after-free flaw was found in the Linux kernel's integrated infrared receiver/transceiver driver. This issue occurs when a user detaches a rc device. This could allow a local user to crash the system or potentially escalate their privileges on the system.
It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2023-03-01 CVE Reserved
- 2023-03-02 CVE Published
- 2025-02-13 CVE Updated
- 2025-04-15 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-416: Use After Free
CAPEC
References (6)
| URL | Tag | Source |
|---|---|---|
| https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html | Mailing List |
|
| https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html | Mailing List |
|
| https://security.netapp.com/advisory/ntap-20230413-0003 | Third Party Advisory |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://github.com/torvalds/linux/commit/29b0589a865b6f66d141d79b2dd1373e4e50fe17 | 2023-07-06 |
| URL | Date | SRC |
|---|---|---|
| https://access.redhat.com/security/cve/CVE-2023-1118 | 2024-06-11 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2174400 | 2024-06-11 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 2.6.36 < 4.14.308 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.36 < 4.14.308" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.15 < 4.19.276 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.15 < 4.19.276" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.20 < 5.4.235 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.20 < 5.4.235" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.5 < 5.10.173 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.5 < 5.10.173" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.11 < 5.15.99 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.11 < 5.15.99" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.16 < 6.1.16 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.16 < 6.1.16" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 6.2 < 6.2.3 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.2 < 6.2.3" | - |
Affected
| ||||||