CVE-2023-52935

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A race condition exists in the Linux kernel related to the ->anon vma attachment to the VMA. The issue arises when collapse and free pmd() requires the ->anon vma to be locked, but the lock is not properly held, allowing for concurrent page table access. This can lead to use-after-free access and lockdep warnings. The vulnerability is related to page table traversal and removal, which requires holding the mmap lock, the anon vma lock, and the mapping lock.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALSA-2025_12746

ALSA-2025_12752

ALSA-2025_12753

ALSA-2025_16880

AZL-59411

BDU:2025-10239

CVE-2023-52935

DLA-4327-1

OESA-2025-1448

OESA-2025-1449

OESA-2025-1465

OPENSUSE-SU-2025_1195-1

OPENSUSE-SU-2025_1263-1

RHSA-2024:9315

RHSA-2024_9315

SUSE-SU-2025:1176-1

SUSE-SU-2025:1183-1

SUSE-SU-2025:1194-1

SUSE-SU-2025:1195-1

SUSE-SU-2025:1241-1

SUSE-SU-2025:1263-1

SUSE-SU-2025:1293-1

SUSE-SU-2025_1195-1

SUSE-SU-2025_1241-1

SUSE-SU-2025_1263-1

SUSE-SU-2025_1293-1

USN-7909-1

USN-7909-2

USN-7909-3

USN-7909-4

USN-7909-5

USN-7910-1

USN-7910-2

USN-7933-1

USN-7938-1

Affected Products

Debian

Linuxmint

Linux Kernel

Red Hat

Suse

Ubuntu

CVE-2023-52935

Weakness Enumeration

Related Identifiers

Affected Products

References · 1762