CVE-2023-52445
media: pvrusb2: fix use after free on context disconnection
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In the Linux kernel, the following vulnerability has been resolved:
media: pvrusb2: fix use after free on context disconnection
Upon module load, a kthread is created targeting the
pvr2_context_thread_func function, which may call pvr2_context_destroy
and thus call kfree() on the context object. However, that might happen
before the usb hub_event handler is able to notify the driver. This
patch adds a sanity check before the invalid read reported by syzbot,
within the context disconnection call stack.
En el kernel de Linux, se resolvió la siguiente vulnerabilidad: medios: pvrusb2: corrige el use after free de desconexión de contexto. Al cargar el módulo, se crea un kthread dirigido a la función pvr2_context_thread_func, que puede llamar a pvr2_context_destroy y, por lo tanto, llamar a kfree() en el objeto de contexto. Sin embargo, eso podría suceder antes de que el controlador usb hub_event pueda notificar al controlador. Este parche agrega una verificación de cordura antes de la lectura no válida reportada por syzbot, dentro de la pila de llamadas de desconexión de contexto.
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2024-02-20 CVE Reserved
- 2024-02-22 CVE Published
- 2024-03-15 EPSS Updated
- 2024-12-19 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-416: Use After Free
CAPEC
References (13)
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://access.redhat.com/security/cve/CVE-2023-52445 | 2024-11-12 | |
https://bugzilla.redhat.com/show_bug.cgi?id=2265654 | 2024-11-12 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 2.6.26 < 4.19.306 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.26 < 4.19.306" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 2.6.26 < 5.4.268 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.26 < 5.4.268" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 2.6.26 < 5.10.209 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.26 < 5.10.209" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 2.6.26 < 5.15.148 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.26 < 5.15.148" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 2.6.26 < 6.1.75 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.26 < 6.1.75" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 2.6.26 < 6.6.14 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.26 < 6.6.14" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 2.6.26 < 6.7.2 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.26 < 6.7.2" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 2.6.26 < 6.8 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.26 < 6.8" | en |
Affected
|