CVE-2023-52584

2024-03-0600:00:00

ubuntu.com

linux kernel

vulnerability

uaf

device remove

spmi: mediatek

clocks

debug_test_driver_remove

kasan

unmanaged clk_bulk_get()

7.5 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.5%

JSON

In the Linux kernel, the following vulnerability has been resolved: spmi:
mediatek: Fix UAF on device remove The pmif driver data that contains the
clocks is allocated along with spmi_controller. On device remove,
spmi_controller will be freed first, and then devres , including the
clocks, will be cleanup. This leads to UAF because putting the clocks will
access the clocks in the pmif driver data, which is already freed along
with spmi_controller. This can be reproduced by enabling
DEBUG_TEST_DRIVER_REMOVE and building the kernel with KASAN. Fix the UAF
issue by using unmanaged clk_bulk_get() and putting the clocks before
freeing spmi_controller.

Notes

Author	Note
rodrigo-zaiden	USN-6765-1 for linux-oem-6.5 wrongly stated that this CVE was fixed in version 6.5.0-1022.23. The mentioned notice was revoked and the state of the fix for linux-oem-6.5 was recovered to the previous state.

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchlinux< anyUNKNOWN
ubuntu20.04noarchlinux< anyUNKNOWN
ubuntu22.04noarchlinux< anyUNKNOWN
ubuntu23.10noarchlinux< 6.5.0-41.41UNKNOWN
ubuntu24.04noarchlinux< anyUNKNOWN
ubuntu14.04noarchlinux< anyUNKNOWN
ubuntu16.04noarchlinux< anyUNKNOWN
ubuntu18.04noarchlinux-aws< anyUNKNOWN
ubuntu20.04noarchlinux-aws< anyUNKNOWN
ubuntu22.04noarchlinux-aws< anyUNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	18.04	noarch	linux	< any	UNKNOWN
ubuntu	20.04	noarch	linux	< any	UNKNOWN
ubuntu	22.04	noarch	linux	< any	UNKNOWN
ubuntu	23.10	noarch	linux	< 6.5.0-41.41	UNKNOWN
ubuntu	24.04	noarch	linux	< any	UNKNOWN
ubuntu	14.04	noarch	linux	< any	UNKNOWN
ubuntu	16.04	noarch	linux	< any	UNKNOWN
ubuntu	18.04	noarch	linux-aws	< any	UNKNOWN
ubuntu	20.04	noarch	linux-aws	< any	UNKNOWN
ubuntu	22.04	noarch	linux-aws	< any	UNKNOWN