CVE-2023-52475

2024-02-2900:00:00

ubuntu.com

linux kernel

vulnerability

cve-2023-52475

resolved

use-after-free

powermate driver

memory free

async control message

usb_kill_urb

device disconnection

6.6 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

13.1%

JSON

In the Linux kernel, the following vulnerability has been resolved: Input:
powermate - fix use-after-free in powermate_config_complete syzbot has
found a use-after-free bug [1] in the powermate driver. This happens when
the device is disconnected, which leads to a memory free from the
powermate_device struct. When an asynchronous control message completes
after the kfree and its callback is invoked, the lock does not exist
anymore and hence the bug. Use usb_kill_urb() on pm->config to cancel any
in-progress requests upon device disconnection. [1]
https://syzkaller.appspot.com/bug?extid=0434ac83f907a1dbdd1e

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchlinux< anyUNKNOWN
ubuntu20.04noarchlinux< anyUNKNOWN
ubuntu22.04noarchlinux< anyUNKNOWN
ubuntu23.10noarchlinux< anyUNKNOWN
ubuntu24.04noarchlinux< anyUNKNOWN
ubuntu14.04noarchlinux< anyUNKNOWN
ubuntu16.04noarchlinux< anyUNKNOWN
ubuntu18.04noarchlinux-aws< anyUNKNOWN
ubuntu20.04noarchlinux-aws< anyUNKNOWN
ubuntu22.04noarchlinux-aws< anyUNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	18.04	noarch	linux	< any	UNKNOWN
ubuntu	20.04	noarch	linux	< any	UNKNOWN
ubuntu	22.04	noarch	linux	< any	UNKNOWN
ubuntu	23.10	noarch	linux	< any	UNKNOWN
ubuntu	24.04	noarch	linux	< any	UNKNOWN
ubuntu	14.04	noarch	linux	< any	UNKNOWN
ubuntu	16.04	noarch	linux	< any	UNKNOWN
ubuntu	18.04	noarch	linux-aws	< any	UNKNOWN
ubuntu	20.04	noarch	linux-aws	< any	UNKNOWN
ubuntu	22.04	noarch	linux-aws	< any	UNKNOWN