PT-2025-40750 · Linux+1 · Linux Kernel+1

Published 2025-10-04 · Updated 2025-12-04 · CVE-2023-53587

CVSS v3.1: 7.8 High

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 6.3.0-rc1

Description

The Linux kernel contained a flaw in the ring buffer implementation where an interrupt request (IRQ) work could run after the buffer it operated on was destroyed. This could lead to a use-after-free condition, potentially resulting in a kernel crash or other unpredictable behavior. The issue occurred when data was written to the buffer immediately before its destruction, specifically in scenarios involving time-travel debugging (ARCH=um). The problem was resolved by adding appropriate synchronization to ensure the IRQ work completed before the buffer was destroyed.

Recommendations

Update to a version of the Linux kernel newer than 6.3.0-rc1.

Exploit

Fix

Use After Free

Weakness Enumeration

Related Identifiers

CVE-2023-53587
SUSE-SU-2025:4111-1
SUSE-SU-2025:4139-1
SUSE-SU-2025:4149-1
SUSE-SU-2025:4189-1
SUSE-SU-2025:4320-1

Affected Products

Linux Kernel
SUSE