Lucene search
Redhat.comRH:CVE-2023-52509HistoryMar 04, 2024 - 7:20 p.m.
CVE-2023-52509
2024-03-0419:20:10
redhat.com
access.redhat.com
11
linux kernel
ravb
vulnerability fix
use-after-free
ravb_tx_timeout_work
cancel_work_sync
In the Linux kernel, the following vulnerability has been resolved: ravb: Fix use-after-free issue in ravb_tx_timeout_work() The ravb_stop() should call cancel_work_sync(). Otherwise, ravb_tx_timeout_work() is possible to use the freed priv after ravb_remove() was called like below: CPU0 CPU1 ravb_tx_timeout() ravb_remove() unregister_netdev() free_netdev(ndev) // free priv ravb_tx_timeout_work() // use priv unregister_netdev() will call .ndo_stop() so that ravb_stop() is called. And, after phy_stop() is called, netif_carrier_off() is also called. So that .ndo_tx_timeout() will not be called after phy_stop().
Related
cve
cve
CVE-2023-52509
2024-03-02 22:15:47
debiancve
debiancve
CVE-2023-52509
2024-03-02 22:15:47
prion
prion
Spoofing
2024-03-02 22:15:00
ubuntucve
ubuntucve
CVE-2023-52509
2024-03-02 00:00:00
cvelist
cvelist
CVE-2023-52509 ravb: Fix use-after-free issue in ravb_tx_timeout_work()
2024-03-02 21:52:22
openvas
openvas
openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2024:1320-1)
2024-04-19 00:00:00
openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2024:1321-1)
2024-04-19 00:00:00
openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2024:1332-2)
2024-04-23 00:00:00
nessus
nessus
SUSE SLES15 Security Update : kernel (SUSE-SU-2024:1321-1)
2024-04-18 00:00:00
SUSE SLES15 Security Update : kernel (SUSE-SU-2024:1454-1)
2024-04-29 00:00:00
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:1322-1)
2024-04-18 00:00:00