Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve416baaa9-dc9f-4396-8d5f-8c081fb06d67CVE-2023-52847
HistoryMay 21, 2024 - 4:15 p.m.

CVE-2023-52847

2024-05-2116:15:21
416baaa9-dc9f-4396-8d5f-8c081fb06d67
web.nvd.nist.gov
26
linux kernel
media vulnerability
use after free
timer race condition
static analysis
nvd

7.3 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

12.7%

JSON

In the Linux kernel, the following vulnerability has been resolved:

media: bttv: fix use after free error due to btv->timeout timer

There may be some a race condition between timer function
bttv_irq_timeout and bttv_remove. The timer is setup in
probe and there is no timer_delete operation in remove
function. When it hit kfree btv, the function might still be
invoked, which will cause use after free bug.

This bug is found by static analysis, it may be false positive.

Fix it by adding del_timer_sync invoking to the remove function.

cpu0 cpu1
bttv_probe
->timer_setup
->bttv_set_dma
->mod_timer;
bttv_remove
->kfree(btv);
->bttv_irq_timeout
->USE btv

Related

redhatcve 1
ubuntucve 1
cvelist 1
debiancve 1
redhatcve
redhatcve
CVE-2023-52847
2024-05-23 11:13:44
ubuntucve
ubuntucve
CVE-2023-52847
2024-05-21 00:00:00
cvelist
cvelist
CVE-2023-52847 media: bttv: fix use after free error due to btv->timeout timer
2024-05-21 15:31:44
debiancve
debiancve
CVE-2023-52847
2024-05-21 16:15:21

7.3 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

12.7%

JSON
Related for CVE-2023-52847
redhatcve1ubuntucve1cvelist1debiancve1