Lucene search

K

GoogleOSV:CVE-2023-52840

HistoryMay 21, 2024 - 4:15 p.m.

CVE-2023-52840

2024-05-2116:15:00

Google

osv.dev

2

linux kernel

input vulnerability

synaptics-rmi4

use after free

put_device

rmi_release_function

AI Score

6.8

Confidence

Low

In the Linux kernel, the following vulnerability has been resolved: Input: synaptics-rmi4 - fix use after free in rmi_unregister_function() The put_device() calls rmi_release_function() which frees “fn” so the dereference on the next line “fn->num_of_irqs” is a use after free. Move the put_device() to the end to fix this.

References

git.kernel.org/linus/eb988e46da2e4eae89f5337e047ce372fe33d5b1

git.kernel.org/stable/c/2f236d8638f5b43e0c72919a6a27fe286c32053f

git.kernel.org/stable/c/303766bb92c5c225cf40f9bbbe7e29749406e2f2

git.kernel.org/stable/c/50d12253666195a14c6cd2b81c376e2dbeedbdff

git.kernel.org/stable/c/6c71e065befb2fae8f1461559b940c04e1071bd5

git.kernel.org/stable/c/7082b1fb5321037bc11ba1cf2d7ed23c6b2b521f

git.kernel.org/stable/c/c8e639f5743cf4b01f8c65e0df075fe4d782b585

git.kernel.org/stable/c/cc56c4d17721dcb10ad4e9c9266e449be1462683

git.kernel.org/stable/c/eb988e46da2e4eae89f5337e047ce372fe33d5b1

ubuntu.com/security/CVE-2023-52840

www.cve.org/CVERecord?id=CVE-2023-52840

AI Score

6.8

Confidence

Low

Related for OSV:CVE-2023-52840

debiancve1 ubuntucve1 cvelist1 vulnrichment1 nvd1 cve1 redhatcve1 nessus17 almalinux2 osv13 redhat1 oraclelinux1 openvas2