CVE-2023-52445: media: pvrusb2: fix use after free on context disconnection
In the Linux kernel, the following vulnerability has been resolved:
media: pvrusb2: fix use after free on context disconnection
Upon module load, a kthread is created targeting the pvr2_context_thread_func function, which may call pvr2_context_destroy and thus call kfree() on the context object. However, that might happen before the usb hub_event handler is able to notify the driver. This patch adds a sanity check before the invalid read reported by syzbot, within the context disconnection call stack.
Other sources
Linux Kernel is vulnerable to a denial of service, caused by a use-after-free on context disconnection. A local attacker could exploit this vulnerability to cause a denial of service.
— IBM
Frequently Asked Questions
What is the severity of CVE-2023-52445?
CVE-2023-52445 is classified as a high-severity vulnerability in the Linux kernel.
How do I fix CVE-2023-52445?
To fix CVE-2023-52445, update to the patched version of the Linux kernel, such as 5.10.223-1 or later.
Which Linux kernel versions are affected by CVE-2023-52445?
CVE-2023-52445 affects Linux kernel versions prior to 4.19.306, between 4.20 and 5.4.268, between 5.5.0 and 5.10.209, between 5.11.0 and 5.15.148, between 5.16.0 and 6.1.75, between 6.2.0 and 6.6.14, and between 6.7.0 and 6.7.2.
What type of vulnerability is CVE-2023-52445?
CVE-2023-52445 is a use-after-free vulnerability that occurs during context disconnection in the pvrusb2 driver.
Is there an exploit available for CVE-2023-52445?
As of now, there is no public exploit available for CVE-2023-52445, but it is advisable to apply patches to mitigate any risk.
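For fleet triage, the version ranges listed in the FAQ above can be checked mechanically. The following is an added example, not part of the original advisory or the kernel project; it assumes lower bounds are inclusive and upper bounds are the first fixed release (exclusive), and the host names and release strings in the inventory are constructed. Distribution kernels often backport fixes without changing the upstream version number, so an "affected" result here means "check the vendor advisory", not a confirmed exposure.

```python
import re

# Affected upstream ranges as listed on this page: (first affected, first fixed).
# Assumption: lower bound inclusive, upper bound exclusive.
AFFECTED_RANGES = [
    ((0, 0, 0), (4, 19, 306)),
    ((4, 20, 0), (5, 4, 268)),
    ((5, 5, 0), (5, 10, 209)),
    ((5, 11, 0), (5, 15, 148)),
    ((5, 16, 0), (6, 1, 75)),
    ((6, 2, 0), (6, 6, 14)),
    ((6, 7, 0), (6, 7, 2)),
]

_RELEASE = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?")


def parse_release(release):
    """Turn '5.10.208', '6.1.0-18-amd64' or '4.20' into (major, minor, patch)."""
    m = _RELEASE.match(release.strip())
    if not m:
        raise ValueError(f"unrecognised kernel release: {release!r}")
    return int(m.group(1)), int(m.group(2)), int(m.group(3) or 0)


def is_affected(release):
    """True if the upstream version number falls inside a listed range."""
    v = parse_release(release)
    return any(lo <= v < hi for lo, hi in AFFECTED_RANGES)


def triage(inventory):
    """Map each host to 'affected', 'not affected' or 'unparsable'."""
    result = {}
    for host, release in inventory.items():
        try:
            result[host] = "affected" if is_affected(release) else "not affected"
        except ValueError:
            # Do not silently treat unknown strings as safe; flag for review.
            result[host] = "unparsable"
    return result


# Constructed sample inventory (host -> output of `uname -r`).
SAMPLE = {"cam-01": "5.10.208", "cam-02": "6.6.14-generic", "lab-03": "custom-build"}

if __name__ == "__main__":
    for host, verdict in triage(SAMPLE).items():
        print(f"{host}: {verdict}")
```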