PT-2023-9832 · Linux+4 · Linux Kernel+4

Var10Ck

Publicado

2023-08-09

Atualizado

2026-05-26

CVE-2023-52921

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to a possible use-after-free (UAF) vulnerability in the amdgpu cs pass1() function. This vulnerability may allow an attacker to impact the confidentiality, integrity, and availability of protected information. The vulnerability is caused by the gang size check being outside of the chunk parsing loop, which requires resetting i before freeing the chunk data.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Use After Free

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-416

Identificadores relacionados

AZL-53778

BDU:2025-00164

CVE-2023-52921

OPENSUSE-SU-2024_4314-1

OPENSUSE-SU-2024_4315-1

OPENSUSE-SU-2024_4316-1

OPENSUSE-SU-2024_4376-1

SUSE-SU-2024:4314-1

SUSE-SU-2024:4315-1

SUSE-SU-2024:4316-1

SUSE-SU-2024:4318-1

SUSE-SU-2024:4364-1

SUSE-SU-2024:4376-1

SUSE-SU-2024:4387-1

SUSE-SU-2025:20163-1

SUSE-SU-2025:20164-1

SUSE-SU-2025:20246-1

SUSE-SU-2025:20247-1

Produtos afetados

Astra Linux

Debian

Linux Kernel

Red Os

Suse

PT-2023-9832 · Linux+4 · Linux Kernel+4

CVE-2023-52921

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 1389