PT-2023-9370 · Linux+4 · Linux Kernel+4
Duoming Zhou · Published 2023-09-09 · Updated 2026-03-14 · CVE-2023-52629
CVSS v3.1: 8.4 High
Vector: AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 6.5.3
Description
The issue is a use-after-free bug in the Linux kernel. The original code puts flush_work() before timer_shutdown_sync() in switch_drv_remove(), allowing the worker to be rescheduled in switch_timer() and causing a use-after-free bug. The vulnerability can be exploited to access confidential data, disrupt data integrity, and cause a denial of service.
Recommendations
To resolve the issue, upgrade the Linux kernel to a version newer than 6.5.3. As a temporary workaround, consider disabling the switch_drv_remove() function until a patch is available. Restrict access to the vulnerable switch_timer() and switch_work_handler() functions to minimize the risk of exploitation. Avoid using the psw->state variable in the affected code until the issue is resolved.
Exploit
Fix
Use After Free
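The ordering problem in the Description can be checked with a small userspace model. This is an added example, not kernel code and not the upstream patch; the struct, enum and helper names are assumptions made for illustration. It lets the timer expire at each point of the teardown and counts the interleavings in which the worker is still queued when the driver state is freed.

```c
#include <stdbool.h>
#include <stdio.h>

/* Constructed stand-in for the driver state; field names are illustrative. */
struct psw_model {
    bool timer_armed;     /* debounce timer can still expire */
    bool timer_shutdown;  /* timer_shutdown_sync() has returned */
    bool work_pending;    /* worker is queued and will touch the state */
};

enum step { FLUSH_WORK, TIMER_SHUTDOWN };

/* Timer expiry queues the worker, as switch_timer() does per the description.
 * Once the timer is shut down it can no longer fire or be rearmed. */
static void timer_fires(struct psw_model *p) {
    if (p->timer_armed && !p->timer_shutdown) {
        p->timer_armed = false;
        p->work_pending = true;
    }
}

/* Run the two teardown steps in the given order, with the timer expiring at
 * point fire_at (0 = before step 1, 1 = between the steps, 2 = after step 2).
 * Returns true if the worker is still queued when the state is freed. */
static bool worker_outlives_state(enum step first, enum step second, int fire_at) {
    struct psw_model p = { .timer_armed = true };
    enum step order[2] = { first, second };
    for (int i = 0; i < 2; i++) {
        if (fire_at == i) timer_fires(&p);
        if (order[i] == FLUSH_WORK) p.work_pending = false; /* drains queued work only */
        else p.timer_shutdown = true;
    }
    if (fire_at == 2) timer_fires(&p);
    return p.work_pending; /* the state is freed here; queued work would use it */
}

/* Number of timer expiry points that end in a use-after-free for this order. */
static int unsafe_interleavings(enum step first, enum step second) {
    int n = 0;
    for (int at = 0; at <= 2; at++) n += worker_outlives_state(first, second, at);
    return n;
}

int main(void) {
    printf("flush_work first:          %d unsafe\n", unsafe_interleavings(FLUSH_WORK, TIMER_SHUTDOWN));
    printf("timer_shutdown_sync first: %d unsafe\n", unsafe_interleavings(TIMER_SHUTDOWN, FLUSH_WORK));
    return 0;
}
```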
Weakness Enumeration
Related Identifiers
Affected Products
Astra Linux
Debian
Linuxmint
Linux Kernel
Ubuntu