PT-2023-9467 · Linux+4 · Linux Kernel+4

Sili Luo

·

Publicado

2023-10-10

·

Atualizado

2025-01-27

·

CVE-2023-52502

CVSS v2.0

6.8

Média

VetorAV:L/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The issue is related to a race condition in the NFC component of the Linux kernel, specifically in the nfc llcp sock get() and nfc llcp sock get sn() functions. This can lead to a Use After Free (UAF) condition, potentially allowing an attacker to execute arbitrary code with elevated privileges. The problem occurs when getting a reference on the socket found in a lookup while holding a lock, which should happen before releasing the lock. The nfc llcp recv snl() function also needs to ensure that the socket found by nfc llcp sock from sn() does not disappear.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use After Free

Race Condition

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-416CWE-362

Identificadores relacionados

BDU:2024-07820
CVE-2023-52502
OESA-2024-1353
OESA-2024-1355
OESA-2024-1356
OESA-2024-1357
OESA-2024-1392
OESA-2024-1393
OPENSUSE-SU-2024_0857-1
OPENSUSE-SU-2024_1321-1
OPENSUSE-SU-2024_1322-1
OPENSUSE-SU-2024_1322-2
OPENSUSE-SU-2024_1332-1
OPENSUSE-SU-2024_1332-2
OPENSUSE-SU-2024_1466-1
OPENSUSE-SU-2024_1480-1
OPENSUSE-SU-2024_1490-1
OPENSUSE-SU-2024_3623-1
OPENSUSE-SU-2024_3631-1
OPENSUSE-SU-2024_3694-1
OPENSUSE-SU-2024_3695-1
OPENSUSE-SU-2024_3697-1
OPENSUSE-SU-2024_3793-1
OPENSUSE-SU-2024_3815-1
OPENSUSE-SU-2024_3829-1
OPENSUSE-SU-2024_3837-1
OPENSUSE-SU-2024_3842-1
OPENSUSE-SU-2024_3852-1
OPENSUSE-SU-2024_4122-1
OPENSUSE-SU-2024_4123-1
OPENSUSE-SU-2024_4214-1
OPENSUSE-SU-2024_4218-1
OPENSUSE-SU-2024_4234-1
OPENSUSE-SU-2024_4266-1
OPENSUSE-SU-2025_0107-1
OPENSUSE-SU-2025_0109-1
OPENSUSE-SU-2025_0115-1
OPENSUSE-SU-2025_0158-1
OPENSUSE-SU-2025_0251-1
OPENSUSE-SU-2025_0252-1
OPENSUSE-SU-2025_0261-1
OPENSUSE-SU-2025_0266-1
SUSE-SU-2024:0856-1
SUSE-SU-2024:0857-1
SUSE-SU-2024:0925-1
SUSE-SU-2024:0926-1
SUSE-SU-2024:0975-1
SUSE-SU-2024:0976-1
SUSE-SU-2024:1320-1
SUSE-SU-2024:1321-1
SUSE-SU-2024:1466-1
SUSE-SU-2024:1480-1
SUSE-SU-2024:1490-1
SUSE-SU-2024:1677-1
SUSE-SU-2024:1679-1
SUSE-SU-2024:1680-1
SUSE-SU-2024:1682-1
SUSE-SU-2024:1685-1
SUSE-SU-2024:1686-1
SUSE-SU-2024:1692-1
SUSE-SU-2024:1695-1
SUSE-SU-2024:1696-1
SUSE-SU-2024:1705-1
SUSE-SU-2024:1706-1
SUSE-SU-2024:1707-1
SUSE-SU-2024:1709-1
SUSE-SU-2024:1711-1
SUSE-SU-2024:1712-1
SUSE-SU-2024:1713-1
SUSE-SU-2024:1720-1
SUSE-SU-2024:1723-1
SUSE-SU-2024:1726-1
SUSE-SU-2024:1729-1
SUSE-SU-2024:1731-1
SUSE-SU-2024:1732-1
SUSE-SU-2024:1735-1
SUSE-SU-2024:1736-1
SUSE-SU-2024:1739-1
SUSE-SU-2024:1740-1
SUSE-SU-2024:1742-1
SUSE-SU-2024:1746-1
SUSE-SU-2024:1748-1
SUSE-SU-2024:1749-1
SUSE-SU-2024:1751-1
SUSE-SU-2024:1753-1
SUSE-SU-2024:1757-1
SUSE-SU-2024:1759-1
SUSE-SU-2024:2092-1
SUSE-SU-2024:2100-1
SUSE-SU-2024:2162-1
SUSE-SU-2024:2163-1
SUSE-SU-2024:2207-1
SUSE-SU-2024:2208-1
SUSE-SU-2024:2337-1
SUSE-SU-2024:2382-1
SUSE-SU-2024:2446-1
SUSE-SU-2024:2447-1
SUSE-SU-2024:2472-1
SUSE-SU-2024:2722-1
SUSE-SU-2024:2751-1
SUSE-SU-2024:2824-1
SUSE-SU-2024:2840-1
SUSE-SU-2024:2850-1
SUSE-SU-2024:2851-1
SUSE-SU-2024:3318-1
SUSE-SU-2024:3347-1
SUSE-SU-2024:3368-1
SUSE-SU-2024:3379-1
SUSE-SU-2024:3399-1
SUSE-SU-2024:3623-1
SUSE-SU-2024:3631-1
SUSE-SU-2024:3694-1
SUSE-SU-2024:3695-1
SUSE-SU-2024:3697-1
SUSE-SU-2024:3793-1
SUSE-SU-2024:3815-1
SUSE-SU-2024:3829-1
SUSE-SU-2024:3837-1
SUSE-SU-2024:3842-1
SUSE-SU-2024:3852-1
SUSE-SU-2024:4122-1
SUSE-SU-2024:4123-1
SUSE-SU-2024:4214-1
SUSE-SU-2024:4218-1
SUSE-SU-2024:4234-1
SUSE-SU-2024:4266-1
SUSE-SU-2025:0107-1
SUSE-SU-2025:0109-1
SUSE-SU-2025:0115-1
SUSE-SU-2025:0158-1
SUSE-SU-2025:0251-1
SUSE-SU-2025:0252-1
SUSE-SU-2025:0261-1
SUSE-SU-2025:0266-1
USN-7121-1
USN-7121-2
USN-7121-3
USN-7148-1

Produtos afetados

Astra Linux
Linux Kernel
Red Os
Suse
Ubuntu