Lucene search
Redhat.comRH:CVE-2023-52847HistoryMay 23, 2024 - 11:13 a.m.
CVE-2023-52847
2024-05-2311:13:44
redhat.com
access.redhat.com
8
linux kernel
media
bttv
use after free
vulnerability
resolved
In the Linux kernel, the following vulnerability has been resolved: media: bttv: fix use after free error due to btv->timeout timer There may be some a race condition between timer function bttv_irq_timeout and bttv_remove. The timer is setup in probe and there is no timer_delete operation in remove function. When it hit kfree btv, the function might still be invoked, which will cause use after free bug. This bug is found by static analysis, it may be false positive. Fix it by adding del_timer_sync invoking to the remove function. cpu0 cpu1 bttv_probe ->timer_setup ->bttv_set_dma ->mod_timer; bttv_remove ->kfree(btv); ->bttv_irq_timeout ->USE btv
Related
nvd
nvd
CVE-2023-52847
2024-05-21 16:15:21
cve
cve
CVE-2023-52847
2024-05-21 16:15:21
debiancve
debiancve
CVE-2023-52847
2024-05-21 16:15:21
cvelist
cvelist
vulnrichment
vulnrichment
ubuntucve
ubuntucve
CVE-2023-52847
2024-05-21 00:00:00
nessus
nessus
SUSE SLES15 Security Update : kernel (SUSE-SU-2024:2189-1)
2024-06-26 00:00:00
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:2008-1)
2024-06-13 00:00:00