CVE-2023-4134

A use-after-free vulnerability was found in the cyttsp4_core driver in the Linux kernel. This issue occurs in the device cleanup routine due to a possible rearming of the watchdog_timer from the workqueue. This could allow a local user to crash the system, causing a denial of service.
References
Link Resource
https://access.redhat.com/security/cve/CVE-2023-4134 Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2221700 Issue Tracking Patch Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*

History

18 Nov 2024, 22:08

Type Values Removed Values Added
CPE cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*
First Time Linux linux Kernel
Fedoraproject
Linux
Fedoraproject fedora
References () https://access.redhat.com/security/cve/CVE-2023-4134 - () https://access.redhat.com/security/cve/CVE-2023-4134 - Third Party Advisory
References () https://bugzilla.redhat.com/show_bug.cgi?id=2221700 - () https://bugzilla.redhat.com/show_bug.cgi?id=2221700 - Issue Tracking, Patch, Third Party Advisory

15 Nov 2024, 13:58

Type Values Removed Values Added
Summary
  • (es) Se encontró una vulnerabilidad de use-after-free en el controlador cyttsp4_core del kernel de Linux. Este problema se produce en la rutina de limpieza del dispositivo debido a un posible rearme del watchdog_timer desde la cola de trabajo. Esto podría permitir que un usuario local bloquee el sistema, lo que provocaría una denegación de servicio.

14 Nov 2024, 11:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-11-14 11:15

Updated : 2024-11-18 22:08


NVD link : CVE-2023-4134

Mitre link : CVE-2023-4134

CVE.ORG link : CVE-2023-4134


JSON object : View

Products Affected

linux

  • linux_kernel

fedoraproject

  • fedora
CWE
CWE-416

Use After Free