CVE-2023-53544

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue involves a use-after-free condition within the cpufreq subsystem, specifically related to the davinci platform. The remove function first frees clock resources (clks) and then calls cpufreq unregister driver(). If a cpufreq callback is invoked immediately before cpufreq unregister driver() is executed, the already-freed clock resources might be accessed, leading to a potential system instability or crash. The vulnerability affects the handling of clock resources during driver unregistration.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.