CVE-2023-52973

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.2.0-rc5

Description A use-after-free issue was identified in the Linux kernel, specifically in the vcs read() function. This occurs because the vc data struct can be freed by vc deallocate() after a call to console unlock() in vcs read(), leading to a potential use-after-free when vcs size() is called. The issue was reported by Syzkaller, and a fix has been implemented to move the load of the struct vc data pointer to the top of the while loop in vcs read() to avoid this issue.

Recommendations For Linux kernel versions prior to 6.2.0-rc5, update to a newer version that includes the fix for this issue. As a temporary workaround, consider disabling the vcs read() function until a patch is available. Restrict access to the vulnerable vc screen module to minimize the risk of exploitation. Avoid using the vcs size() function in the affected API endpoint until the issue is resolved.