PT-2025-13335 · Linux+3 · Linux Kernel+3
Published: 2023-01-17 · Updated: 2025-06-17
CVE-2023-52989
CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel versions 2.6.33 and later
Description
A memory leak issue was found in the Linux FireWire subsystem, related to the payload of a request subaction to the IEC 61883-1 FCP region. This issue occurred due to a use-after-free problem, where the payload data was released before user space listeners could access it. The problem was caused by the subsystem allowing multiple user space listeners to the region, while the payload data was likely released before the listeners could execute read(2) to access it. The issue was resolved by duplicating the payload object in kernel space for each listener and ensuring its proper release.
Recommendations
For Linux kernel versions 2.6.33 and later, apply the patch that fixes the memory leak issue by explicitly releasing the payload object in the ioctl_send_response() function. This can be achieved by updating to a version of the Linux kernel that includes the commit 281e20323ab7 ("firewire: core: fix use-after-free regression in FCP handler"). As a temporary workaround, consider restricting access to the FireWire subsystem to minimize the risk of exploitation.
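The ownership rule described above (one payload copy per listener, released exactly once at the response step) is shown below as an added user-space C model. It is not kernel code and not part of the original advisory; the struct, the function names and the "FCPFRAME" sample payload are hypothetical and constructed for illustration.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical user-space model; these names are not kernel identifiers. */
struct fcp_event {
    unsigned char *payload;   /* private copy owned by one listener */
    size_t length;
};
/* Queue one private copy of the request payload per listener. */
static size_t dispatch_fcp_request(const unsigned char *payload, size_t length,
                                   struct fcp_event *queue, size_t listeners)
{
    size_t delivered = 0;
    for (size_t i = 0; i < listeners; i++) {
        queue[i].payload = malloc(length ? length : 1);
        if (queue[i].payload == NULL)
            continue;             /* this listener gets no event */
        memcpy(queue[i].payload, payload, length);
        queue[i].length = length;
        delivered++;
    }
    return delivered;
}
/* Models read(2) plus the response step: copy out, then free this copy once. */
static size_t read_and_release(struct fcp_event *ev, unsigned char *out, size_t cap)
{
    if (ev->payload == NULL)
        return 0;                 /* already released: no double free */
    size_t n = ev->length < cap ? ev->length : cap;
    memcpy(out, ev->payload, n);
    free(ev->payload);            /* explicit release, so the copy cannot leak */
    ev->payload = NULL;
    return n;
}
/* Constructed scenario: the receive buffer is freed before any listener reads. */
static int demo_two_listeners(void)
{
    unsigned char *rx = malloc(8), a[8], b[8];
    struct fcp_event q[2];
    if (rx == NULL) return 0;
    memcpy(rx, "FCPFRAME", 8);
    size_t sent = dispatch_fcp_request(rx, 8, q, 2);
    free(rx);                     /* bus-side buffer is gone from here on */
    size_t na = read_and_release(&q[0], a, sizeof a);
    size_t nb = read_and_release(&q[1], b, sizeof b);
    return sent == 2 && na == 8 && nb == 8 && !memcmp(a, "FCPFRAME", 8)
        && !memcmp(b, "FCPFRAME", 8) && !read_and_release(&q[0], a, sizeof a);
}
int main(void) { return demo_two_listeners() ? 0 : 1; }
```

Building the model with `-fsanitize=address` confirms that no copy is read after release and none is left allocated at exit.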
Exploit
Fix
Memory Leak
Weakness Enumeration
Related Identifiers
Affected Products
Astra Linux
Linux Kernel
Red Os
Suse