PT-2023-9467 · Linux+4 · Linux Kernel+4

Sili Luo

·

Published

2023-10-10

·

Updated

2025-01-27

·

CVE-2023-52502

CVSS v2.0

6.8

Medium

VectorAV:L/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The issue is related to a race condition in the NFC component of the Linux kernel, specifically in the nfc llcp sock get() and nfc llcp sock get sn() functions. This can lead to a Use After Free (UAF) condition, potentially allowing an attacker to execute arbitrary code with elevated privileges. The problem occurs when getting a reference on the socket found in a lookup while holding a lock, which should happen before releasing the lock. The nfc llcp recv snl() function also needs to ensure that the socket found by nfc llcp sock from sn() does not disappear.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use After Free

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-416CWE-362

Related Identifiers

BDU:2024-07820
CVE-2023-52502
OESA-2024-1353
OESA-2024-1355
OESA-2024-1356
OESA-2024-1357
OESA-2024-1392
OESA-2024-1393
OPENSUSE-SU-2024_0857-1
OPENSUSE-SU-2024_1321-1
OPENSUSE-SU-2024_1322-1
OPENSUSE-SU-2024_1322-2
OPENSUSE-SU-2024_1332-1
OPENSUSE-SU-2024_1332-2
OPENSUSE-SU-2024_1466-1
OPENSUSE-SU-2024_1480-1
OPENSUSE-SU-2024_1490-1
OPENSUSE-SU-2024_3623-1
OPENSUSE-SU-2024_3631-1
OPENSUSE-SU-2024_3694-1
OPENSUSE-SU-2024_3695-1
OPENSUSE-SU-2024_3697-1
OPENSUSE-SU-2024_3793-1
OPENSUSE-SU-2024_3815-1
OPENSUSE-SU-2024_3829-1
OPENSUSE-SU-2024_3837-1
OPENSUSE-SU-2024_3842-1
OPENSUSE-SU-2024_3852-1
OPENSUSE-SU-2024_4122-1
OPENSUSE-SU-2024_4123-1
OPENSUSE-SU-2024_4214-1
OPENSUSE-SU-2024_4218-1
OPENSUSE-SU-2024_4234-1
OPENSUSE-SU-2024_4266-1
OPENSUSE-SU-2025_0107-1
OPENSUSE-SU-2025_0109-1
OPENSUSE-SU-2025_0115-1
OPENSUSE-SU-2025_0158-1
OPENSUSE-SU-2025_0251-1
OPENSUSE-SU-2025_0252-1
OPENSUSE-SU-2025_0261-1
OPENSUSE-SU-2025_0266-1
SUSE-SU-2024:0856-1
SUSE-SU-2024:0857-1
SUSE-SU-2024:0925-1
SUSE-SU-2024:0926-1
SUSE-SU-2024:0975-1
SUSE-SU-2024:0976-1
SUSE-SU-2024:1320-1
SUSE-SU-2024:1321-1
SUSE-SU-2024:1466-1
SUSE-SU-2024:1480-1
SUSE-SU-2024:1490-1
SUSE-SU-2024:1677-1
SUSE-SU-2024:1679-1
SUSE-SU-2024:1680-1
SUSE-SU-2024:1682-1
SUSE-SU-2024:1685-1
SUSE-SU-2024:1686-1
SUSE-SU-2024:1692-1
SUSE-SU-2024:1695-1
SUSE-SU-2024:1696-1
SUSE-SU-2024:1705-1
SUSE-SU-2024:1706-1
SUSE-SU-2024:1707-1
SUSE-SU-2024:1709-1
SUSE-SU-2024:1711-1
SUSE-SU-2024:1712-1
SUSE-SU-2024:1713-1
SUSE-SU-2024:1720-1
SUSE-SU-2024:1723-1
SUSE-SU-2024:1726-1
SUSE-SU-2024:1729-1
SUSE-SU-2024:1731-1
SUSE-SU-2024:1732-1
SUSE-SU-2024:1735-1
SUSE-SU-2024:1736-1
SUSE-SU-2024:1739-1
SUSE-SU-2024:1740-1
SUSE-SU-2024:1742-1
SUSE-SU-2024:1746-1
SUSE-SU-2024:1748-1
SUSE-SU-2024:1749-1
SUSE-SU-2024:1751-1
SUSE-SU-2024:1753-1
SUSE-SU-2024:1757-1
SUSE-SU-2024:1759-1
SUSE-SU-2024:2092-1
SUSE-SU-2024:2100-1
SUSE-SU-2024:2162-1
SUSE-SU-2024:2163-1
SUSE-SU-2024:2207-1
SUSE-SU-2024:2208-1
SUSE-SU-2024:2337-1
SUSE-SU-2024:2382-1
SUSE-SU-2024:2446-1
SUSE-SU-2024:2447-1
SUSE-SU-2024:2472-1
SUSE-SU-2024:2722-1
SUSE-SU-2024:2751-1
SUSE-SU-2024:2824-1
SUSE-SU-2024:2840-1
SUSE-SU-2024:2850-1
SUSE-SU-2024:2851-1
SUSE-SU-2024:3318-1
SUSE-SU-2024:3347-1
SUSE-SU-2024:3368-1
SUSE-SU-2024:3379-1
SUSE-SU-2024:3399-1
SUSE-SU-2024:3623-1
SUSE-SU-2024:3631-1
SUSE-SU-2024:3694-1
SUSE-SU-2024:3695-1
SUSE-SU-2024:3697-1
SUSE-SU-2024:3793-1
SUSE-SU-2024:3815-1
SUSE-SU-2024:3829-1
SUSE-SU-2024:3837-1
SUSE-SU-2024:3842-1
SUSE-SU-2024:3852-1
SUSE-SU-2024:4122-1
SUSE-SU-2024:4123-1
SUSE-SU-2024:4214-1
SUSE-SU-2024:4218-1
SUSE-SU-2024:4234-1
SUSE-SU-2024:4266-1
SUSE-SU-2025:0107-1
SUSE-SU-2025:0109-1
SUSE-SU-2025:0115-1
SUSE-SU-2025:0158-1
SUSE-SU-2025:0251-1
SUSE-SU-2025:0252-1
SUSE-SU-2025:0261-1
SUSE-SU-2025:0266-1
USN-7121-1
USN-7121-2
USN-7121-3
USN-7148-1

Affected Products

Astra Linux
Linux Kernel
Red Os
Suse
Ubuntu