CVE-2023-53445

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a refcount bug in the qrtr recvmsg() function. This issue occurs in concurrent scenarios involving qrtr recvmsg() and qrtr endpoint unregister(), potentially leading to a use-after-free condition. The bug was identified by Syzbot and involves a race condition where a reference count is decremented to zero while still being accessed. The qrtr node lookup() implementation can be protected by using qrtr node lock to improve node reference protection.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.