PT-2023-8800 · Linux+5 · Linux Kernel+5

Zhang Xiaoxu · Published 2023-09-19 · Updated 2026-05-26 · CVE-2023-52572

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 6.1.0-rc4+

Description

The issue is a use-after-free (UAF) vulnerability in the cifs_demultiplex_thread() function. An attacker can exploit it to potentially execute arbitrary code. The UAF occurs when mid->resp_buf is freed while cifs_demultiplex_thread() is still using it. The vulnerability can be easily reproduced by adding a delay between steps [3] and [6] in the process. Only synchronous calls are affected, as asynchronous calls have their callbacks executed in the cifsd process.

Recommendations

To resolve the issue, update the Linux kernel to a version that includes the fix for the UAF in cifs_demultiplex_thread(). As a temporary workaround, consider adding an extra state that marks the mid state as READY before waking up the waiter, allowing it to safely get the response.

Exploit

Fix

Buffer Overflow

Use After Free


Weakness Enumeration

Related identifiers

AZL-54137
BDU:2024-01940
CVE-2023-52572
DLA-4178-1
OESA-2025-1282
OESA-2025-1283
OPENSUSE-SU-2024_1489-1
OPENSUSE-SU-2025_0833-1
OPENSUSE-SU-2025_0835-1
OPENSUSE-SU-2025_0853-1
SUSE-SU-2024:1454-1
SUSE-SU-2024:1465-1
SUSE-SU-2024:1489-1
SUSE-SU-2025:0833-1
SUSE-SU-2025:0833-2
SUSE-SU-2025:0834-1
SUSE-SU-2025:0835-1
SUSE-SU-2025:0853-1
SUSE-SU-2025:0945-1
SUSE-SU-2025_0833-1
SUSE-SU-2025_0833-2
SUSE-SU-2025_0834-1
SUSE-SU-2025_0835-1
USN-7123-1
USN-7194-1
USN-7654-1
USN-7654-2
USN-7654-3
USN-7654-4
USN-7654-5
USN-7655-1
USN-7686-1

Affected products

Astra Linux
Debian
Linuxmint
Linux Kernel
Suse
Ubuntu