3 matches found
BELL-CVE-2023-52483
Bulletin has no description...
CVE-2023-52483
A use-after-free vulnerability was found in the Linux kernel, which affects the mctp component and is caused by route lookups that traverse the net's route list without the RCU read lock held. This issue can result in a use-after-free situation where the kfree function is called on a route pointe...
CVE-2023-52483
CVE-2023-52483 affects the Linux kernel where mctp_route_lookup/mctp_route_lookup_null traverse net->mctp.routes without an RCU read lock, allowing a potential race that could lead to a use-after-free due to a grace period expiry and a kfree while a route pointer is in use. The security adviso...