CVE-2023-53484

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the Linux kernel related to the cpu rmap library. Specifically, a use-after-free condition can occur on the rmap->obj array entries. This happens when irq set affinity notifier() is called with a NULL argument, leading to the freeing of a glue pointer within the array, but leaving the pointer itself in the array. A subsequent call to free irq cpu rmap() then attempts to free this already freed entry. The fix involves setting the array entry to NULL and adding a check within free irq cpu rmap() to ensure the entry is non-zero before iterating.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.