Linux · Linux Kernel · CVE-2023-52879
**Name of the Vulnerable Software and Affected Versions**
Linux kernel (affected versions not specified)
**Description**
The vulnerability is a use-after-free bug in the Linux kernel's tracing component. It occurs when a kprobe event is deleted while its associated file is still open, leaving a reference to the already freed event file descriptor. This can lead to a kernel crash. The issue can be exploited by creating a kprobe event, opening its enable file, deleting the event, and then closing the file descriptor. The fix adds a reference count and a new flag called "FREED" to the event file descriptor so that it is not freed while still in use.
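The reference-count-plus-"FREED"-flag pattern described above, as a simplified user-space model in C. This is an added example, not the kernel's code: the struct, flag and function names are hypothetical, and a plain counter is used because the model is single-threaded.

```c
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>

/* User-space, single-threaded model; every name here is hypothetical. */
#define EV_ENABLED 0x1u
#define EV_FREED   0x2u  /* event deleted; memory kept only for open handles */

struct event_file { unsigned refs; unsigned flags; };
static int live_objects;  /* example-only counter of allocations not yet freed */

static struct event_file *event_create(void) {
    struct event_file *f = calloc(1, sizeof(*f));
    if (!f) return NULL;
    f->refs = 1;          /* reference owned by the event itself */
    live_objects++;
    return f;
}
static void event_put(struct event_file *f) {
    if (--f->refs == 0) { free(f); live_objects--; }
}
/* open() of the enable file pins the object; a deleted event cannot be opened. */
static struct event_file *event_open(struct event_file *f) {
    if (f->flags & EV_FREED) return NULL;
    f->refs++;
    return f;
}
/* A write through an open handle is refused once the event is gone. */
static int event_set_enabled(struct event_file *f, bool on) {
    if (f->flags & EV_FREED) return -1;
    f->flags = on ? (f->flags | EV_ENABLED) : (f->flags & ~EV_ENABLED);
    return 0;
}
/* Deleting marks the object FREED and drops only the event's own reference. */
static void event_delete(struct event_file *f) {
    f->flags = (f->flags | EV_FREED) & ~EV_ENABLED;
    event_put(f);
}
static void event_close(struct event_file *f) { event_put(f); }

/* The sequence from the description: create, open, delete, close. 0 = safe. */
static int run_sequence(void) {
    struct event_file *ev = event_create();
    if (!ev) return 2;
    struct event_file *h = event_open(ev);
    event_delete(ev);                           /* handle h is still open */
    int alive_after_delete = live_objects;      /* object must survive the delete */
    int write_rc = event_set_enabled(h, true);  /* must be refused */
    event_close(h);                             /* last reference: freed here */
    return (alive_after_delete == 1 && write_rc == -1 && live_objects == 0) ? 0 : 1;
}
int main(void) { printf("sequence %s\n", run_sequence() ? "UNSAFE" : "safe"); return 0; }
```

Without the reference taken in `event_open`, `event_delete` would free the object immediately and the later `event_close` would touch freed memory, which is the sequence the description gives.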
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.