Lucene search
Redhat.comRH:CVE-2023-52584HistoryMar 06, 2024 - 10:38 p.m.
CVE-2023-52584
2024-03-0622:38:21
redhat.com
access.redhat.com
6
cve-2023-52584
linux kernel
uaf vulnerability
spmi: mediatek
device remove
fix
kasan
In the Linux kernel, the following vulnerability has been resolved: spmi: mediatek: Fix UAF on device remove The pmif driver data that contains the clocks is allocated along with spmi_controller. On device remove, spmi_controller will be freed first, and then devres , including the clocks, will be cleanup. This leads to UAF because putting the clocks will access the clocks in the pmif driver data, which is already freed along with spmi_controller. This can be reproduced by enabling DEBUG_TEST_DRIVER_REMOVE and building the kernel with KASAN. Fix the UAF issue by using unmanaged clk_bulk_get() and putting the clocks before freeing spmi_controller.
Related
prion
prion
Spoofing
2024-03-06 07:15:00
cvelist
cvelist
CVE-2023-52584 spmi: mediatek: Fix UAF on device remove
2024-03-06 06:45:19
ubuntucve
ubuntucve
CVE-2023-52584
2024-03-06 00:00:00
cve
cve
CVE-2023-52584
2024-03-06 07:15:07
debiancve
debiancve
CVE-2023-52584
2024-03-06 07:15:07
nvd
nvd
CVE-2023-52584
2024-03-06 07:15:07
osv
osv
linux-oem-6.1 vulnerabilities
2024-03-11 20:17:36
linux-oem-6.5 vulnerabilities
2024-05-07 15:22:10
openvas
openvas
Ubuntu: Security Advisory (USN-6688-1)
2024-03-12 00:00:00
Ubuntu: Security Advisory (USN-6765-1)
2024-05-08 00:00:00
Ubuntu: Security Advisory (USN-6819-3)
2024-06-13 00:00:00
ubuntu
ubuntu
Linux kernel (OEM) vulnerabilities
2024-03-11 00:00:00
Linux kernel (OEM) vulnerabilities
2024-05-07 00:00:00
Linux kernel (ARM laptop) vulnerabilities
2024-06-10 00:00:00
nessus
nessus
Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6688-1)
2024-03-11 00:00:00
Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6765-1)
2024-05-07 00:00:00
Ubuntu 23.10 : Linux kernel vulnerabilities (USN-6819-2)
2024-06-11 00:00:00
debian
debian
[SECURITY] [DSA 5658-1] linux security update
2024-04-13 06:38:27