Redhat.comRH:CVE-2023-52469CVE-2023-52469
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.7 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
A use-after-free flaw was found in kv_parse_power_table in drivers/amd/pm in the Linux kernel. When ps equals NULL, kv_parse_power_table frees adev->pm.dpm.ps. The adev->pm.dpm.ps is used in the loop of kv_dpm_fini after its first free in kv_parse_power_table, causing a use-after-free problem.
References
bugzilla.redhat.com/show_bug.cgi?id=2266341
git.kernel.org/stable/c/28dd788382c43b330480f57cd34cde0840896743
git.kernel.org/stable/c/3426f059eacc33ecc676b0d66539297e1cfafd02
git.kernel.org/stable/c/35fa2394d26e919f63600ce631e6aefc95ec2706
git.kernel.org/stable/c/520e213a0b97b64735a13950e9371e0a5d7a5dc3
git.kernel.org/stable/c/8a27d9d9fc9b5564b8904c3a77a7dea482bfa34e
git.kernel.org/stable/c/8b55b06e737feb2a645b0293ea27e38418876d63
git.kernel.org/stable/c/95084632a65d5c0d682a83b55935560bdcd2a1e3
git.kernel.org/stable/c/b6dcba02ee178282e0d28684d241e0b8462dea6a
nvd.nist.gov/vuln/detail/CVE-2023-52469
www.cve.org/CVERecord?id=CVE-2023-52469
Related
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.7 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%