CVE-2023-3312Double Free in Kernel

CWE-415Double Free7 documents7 sources
Severity
7.5HIGHNVD
EPSS
0.1%
top 81.94%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
8
Linux KernelDebian LinuxMsrc Cbl2 Kernel 5.15.118.1-2 ON CBL Mariner 2.0+5 more
Timeline
PublishedJun 19
Latest updateAug 11

Description

A vulnerability was found in drivers/cpufreq/qcom-cpufreq-hw.c in cpufreq subsystem in the Linux Kernel. This flaw, during device unbind will lead to double release problem leading to denial of service.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages9 packages

NVDlinux/linux_kernel6.26.2.15+1
CVEListV5linux/linux_kernelKernel version prior to 6.4-rc1
debiandebian/linux

🔴Vulnerability Details

2
GHSA
GHSA-6mq7-w565-8rf7: A vulnerability was found in drivers/cpufreq/qcom-cpufreq-hw2023-06-19
OSV
CVE-2023-3312: A vulnerability was found in drivers/cpufreq/qcom-cpufreq-hw2023-06-19

📋Vendor Advisories

4
Ubuntu
Linux kernel vulnerabilities2023-08-11
Microsoft
A vulnerability was found in drivers/cpufreq/qcom-cpufreq-hw.c in cpufreq subsystem in the Linux Kernel. This flaw during device unbind will lead to double release problem leading to denial of service2023-06-13
Red Hat
kernel: double free in IO unmap and resource release on exit in drivers/cpufreq/qcom-cpufreq-hw.c2023-03-23
Debian
CVE-2023-3312: linux - A vulnerability was found in drivers/cpufreq/qcom-cpufreq-hw.c in cpufreq subsys...2023
CVE-2023-3312 — Double Free in Linux Kernel | cvebase