CVE-2023-52445

2024-02-2217:15:08

Debian Security Bug Tracker

security-tracker.debian.org

linux kernel

media vulnerability

context disconnection

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix use after free on context disconnection Upon module load, a kthread is created targeting the pvr2_context_thread_func function, which may call pvr2_context_destroy and thus call kfree() on the context object. However, that might happen before the usb hub_event handler is able to notify the driver. This patch adds a sanity check before the invalid read reported by syzbot, within the context disconnection call stack.

OSVersionArchitecturePackageVersionFilename
Debian12alllinux< 6.1.76-1linux_6.1.76-1_all.deb
Debian11alllinux< 5.10.209-1linux_5.10.209-1_all.deb
Debian10alllinux<= 4.19.249-2linux_4.19.249-2_all.deb
Debian999alllinux< 6.6.15-1linux_6.6.15-1_all.deb
Debian13alllinux< 6.6.15-1linux_6.6.15-1_all.deb
Debian10alllinux-5.10< 5.10.209-2~deb10u1linux-5.10_5.10.209-2~deb10u1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	linux	< 6.1.76-1	linux_6.1.76-1_all.deb
Debian	11	all	linux	< 5.10.209-1	linux_5.10.209-1_all.deb
Debian	10	all	linux	<= 4.19.249-2	linux_4.19.249-2_all.deb
Debian	999	all	linux	< 6.6.15-1	linux_6.6.15-1_all.deb
Debian	13	all	linux	< 6.6.15-1	linux_6.6.15-1_all.deb
Debian	10	all	linux-5.10	< 5.10.209-2~deb10u1	linux-5.10_5.10.209-2~deb10u1_all.deb