PT-2025-49660 · Linux · Linux Kernel

Published 2025-12-09 · Updated 2025-12-10 · CVE-2023-53800

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 6.1.0-rc1-00003-g84fa3304a7fc-dirty
Description

The Linux kernel contains a use-after-free issue in the UBI (Unsorted Block Images) subsystem that occurs during volume resizing. When ubi_change_vtbl_record() returns an error within ubi_resize_volume(), the memory associated with new_eba_tbl is freed, but it is still referenced by vol->eba_tbl, which was assigned in ubi_eba_replace_table(). This mismatch in memory lifecycle leads to a use-after-free when volume resizing is attempted again. The issue was reported by KASAN, the kernel address sanitizer. The vulnerable function is ubi_eba_copy_table().
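The lifecycle error described above, reduced to a user-space C model beside one ordering that avoids it. This is an added example, not kernel code and not the upstream patch: the struct and function names, the `live` flag that stands in for freed memory, and the assumption that replacing a table releases the old one are all illustrative.

```c
struct eba_table { int live; int nents; };   /* user-space model, hypothetical names */
struct volume { struct eba_table *eba_tbl; };

static struct eba_table *table_create(int nents)
{
    static struct eba_table pool[8]; /* constructed stand-in for the allocator */
    static unsigned next_slot;
    struct eba_table *t = &pool[next_slot++ % 8];
    *t = (struct eba_table){ .live = 1, .nents = nents };
    return t;
}

static void table_destroy(struct eba_table *t) { t->live = 0; } /* models free */

/* Ordering from the description: table published first, then the update fails. */
static int resize_buggy(struct volume *vol, int nents, int update_fails)
{
    struct eba_table *new_tbl = table_create(nents);
    table_destroy(vol->eba_tbl);  /* assumed: replacing releases the old table */
    vol->eba_tbl = new_tbl;
    if (update_fails)
        table_destroy(new_tbl);   /* error path frees it; vol->eba_tbl dangles */
    return update_fails ? -1 : 0;
}

/* One safe ordering (an assumption, not the upstream patch): publish last. */
static int resize_safe(struct volume *vol, int nents, int update_fails)
{
    struct eba_table *new_tbl = table_create(nents);
    if (update_fails) {
        table_destroy(new_tbl);   /* vol->eba_tbl untouched and still live */
        return -1;
    }
    table_destroy(vol->eba_tbl);
    vol->eba_tbl = new_tbl;
    return 0;
}

/* 1 if the volume still references a live table after a failed resize. */
static int live_after_failed_resize(int (*resize)(struct volume *, int, int))
{
    struct volume vol = { table_create(4) };
    resize(&vol, 8, 1);
    return vol.eba_tbl->live;
}

int main(void)
{
    return live_after_failed_resize(resize_buggy) || !live_after_failed_resize(resize_safe);
}
```

In the buggy ordering a second resize attempt would read from the table that the error path already released, which is the access KASAN flags.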
Recommendations

Update to a version of the Linux kernel newer than 6.1.0-rc1-00003-g84fa3304a7fc-dirty.

Exploit

Related Identifiers

CVE-2023-53800

Affected Products

Linux Kernel