CVE-2023-52510

In the Linux kernel, the following vulnerability has been resolved: ieee802154: ca8210: Fix a potential UAF in ca8210_probe If of_clk_add_provider() fails in ca8210_register_ext_clock(), it calls clk_unregister() to release priv->clk and returns an error. However, the caller ca8210_probe() then calls ca8210_remove(), where priv->clk is freed again in ca8210_unregister_ext_clock(). In this case, a use-after-free may happen in the second time we call clk_unregister(). Fix this by removing the first clk_unregister(). Also, priv->clk could be an error code on failure of clk_register_fixed_rate(). Use IS_ERR_OR_NULL to catch this case in ca8210_unregister_ext_clock().
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.6:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.6:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.6:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.6:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.6:rc5:*:*:*:*:*:*

History

11 Dec 2024, 15:11

Type Values Removed Values Added
First Time Linux
Linux linux Kernel
CWE CWE-416
References () https://git.kernel.org/stable/c/217efe32a45249eb07dcd7197e8403de98345e66 - () https://git.kernel.org/stable/c/217efe32a45249eb07dcd7197e8403de98345e66 - Patch
References () https://git.kernel.org/stable/c/28b68cba378e3e50a4082b65f262bc4f2c7c2add - () https://git.kernel.org/stable/c/28b68cba378e3e50a4082b65f262bc4f2c7c2add - Patch
References () https://git.kernel.org/stable/c/55e06850c7894f00d41b767c5f5665459f83f58f - () https://git.kernel.org/stable/c/55e06850c7894f00d41b767c5f5665459f83f58f - Patch
References () https://git.kernel.org/stable/c/84c6aa0ae5c4dc121f9996bb8fed46c80909d80e - () https://git.kernel.org/stable/c/84c6aa0ae5c4dc121f9996bb8fed46c80909d80e - Patch
References () https://git.kernel.org/stable/c/85c2857ef90041f567ce98722c1c342c4d31f4bc - () https://git.kernel.org/stable/c/85c2857ef90041f567ce98722c1c342c4d31f4bc - Patch
References () https://git.kernel.org/stable/c/becf5c147198f4345243c5df0c4f035415491640 - () https://git.kernel.org/stable/c/becf5c147198f4345243c5df0c4f035415491640 - Patch
References () https://git.kernel.org/stable/c/cdb46be93c1f7bbf2c4649e9fc5fb147cfb5245d - () https://git.kernel.org/stable/c/cdb46be93c1f7bbf2c4649e9fc5fb147cfb5245d - Patch
References () https://git.kernel.org/stable/c/f990874b1c98fe8e57ee9385669f501822979258 - () https://git.kernel.org/stable/c/f990874b1c98fe8e57ee9385669f501822979258 - Patch
CPE cpe:2.3:o:linux:linux_kernel:6.6:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.6:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.6:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.6:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.6:rc1:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.8

21 Nov 2024, 08:39

Type Values Removed Values Added
Summary
  • (es) En el kernel de Linux, se resolvió la siguiente vulnerabilidad: ieee802154: ca8210: solucione un UAF potencial en ca8210_probe Si of_clk_add_provider() falla en ca8210_register_ext_clock(), llama a clk_unregister() para liberar priv->clk y devuelve un error. Sin embargo, la persona que llama ca8210_probe() luego llama a ca8210_remove(), donde priv->clk se libera nuevamente en ca8210_unregister_ext_clock(). En este caso, puede ocurrir un Use After Free la segunda vez que llamamos a clk_unregister(). Solucione este problema eliminando el primer clk_unregister(). Además, priv->clk podría ser un código de error en caso de falla de clk_register_fixed_rate(). Utilice IS_ERR_OR_NULL para detectar este caso en ca8210_unregister_ext_clock().
References () https://git.kernel.org/stable/c/217efe32a45249eb07dcd7197e8403de98345e66 - () https://git.kernel.org/stable/c/217efe32a45249eb07dcd7197e8403de98345e66 -
References () https://git.kernel.org/stable/c/28b68cba378e3e50a4082b65f262bc4f2c7c2add - () https://git.kernel.org/stable/c/28b68cba378e3e50a4082b65f262bc4f2c7c2add -
References () https://git.kernel.org/stable/c/55e06850c7894f00d41b767c5f5665459f83f58f - () https://git.kernel.org/stable/c/55e06850c7894f00d41b767c5f5665459f83f58f -
References () https://git.kernel.org/stable/c/84c6aa0ae5c4dc121f9996bb8fed46c80909d80e - () https://git.kernel.org/stable/c/84c6aa0ae5c4dc121f9996bb8fed46c80909d80e -
References () https://git.kernel.org/stable/c/85c2857ef90041f567ce98722c1c342c4d31f4bc - () https://git.kernel.org/stable/c/85c2857ef90041f567ce98722c1c342c4d31f4bc -
References () https://git.kernel.org/stable/c/becf5c147198f4345243c5df0c4f035415491640 - () https://git.kernel.org/stable/c/becf5c147198f4345243c5df0c4f035415491640 -
References () https://git.kernel.org/stable/c/cdb46be93c1f7bbf2c4649e9fc5fb147cfb5245d - () https://git.kernel.org/stable/c/cdb46be93c1f7bbf2c4649e9fc5fb147cfb5245d -
References () https://git.kernel.org/stable/c/f990874b1c98fe8e57ee9385669f501822979258 - () https://git.kernel.org/stable/c/f990874b1c98fe8e57ee9385669f501822979258 -

02 Mar 2024, 22:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-03-02 22:15

Updated : 2024-12-11 15:11


NVD link : CVE-2023-52510

Mitre link : CVE-2023-52510

CVE.ORG link : CVE-2023-52510


JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-416

Use After Free