CVE-2023-35829Race Condition in Kernel

CWE-362Race ConditionCWE-416Use After Free15 documents7 sources
Severity
7.0HIGHNVD
OSV6.5OSV5.5
EPSS
0.0%
top 89.98%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
6
Linux KernelDebian LinuxMsrc Cbl2 Kernel 5.15.118.1-2 ON CBL Mariner 2.0+3 more
Timeline
PublishedJun 18
Latest updateSep 6

Description

An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in rkvdec_remove in drivers/staging/media/rkvdec/rkvdec.c.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.0 | Impact: 5.9

Affected Packages8 packages

NVDlinux/linux_kernel5.85.10.180+4
Debianlinux/linux_kernel< 5.10.191-1+3
Ubuntulinux/linux_kernel< 5.15.0-79.86
debiandebian/linux< linux 6.1.37-1 (bookworm)

Patches

Patch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

6
OSV
linux-azure-fde-5.15 vulnerabilities2023-09-06
OSV
linux-azure, linux-azure-5.15, linux-azure-fde vulnerabilities2023-08-31
OSV
linux-gcp-5.15, linux-gke, linux-gke-5.15, linux-gkeop, linux-gkeop-5.15 vulnerabilities2023-08-28
OSV
linux, linux-aws, linux-aws-5.15, linux-gcp, linux-hwe-5.15, linux-ibm, linux-intel-iotg, linux-intel-iotg-5.15, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-oracle, lin2023-08-17
GHSA
GHSA-rj3q-88g5-jm9h: An issue was discovered in the Linux kernel before 62023-06-19

📋Vendor Advisories

8
Ubuntu
Linux kernel (Azure CVM) vulnerabilities2023-09-06
Ubuntu
Linux kernel (Azure) vulnerabilities2023-08-31
Ubuntu
Linux kernel vulnerabilities2023-08-28
Ubuntu
Linux kernel vulnerabilities2023-08-17
Ubuntu
Linux kernel vulnerabilities2023-08-11
CVE-2023-35829 — Race Condition in Linux Kernel | cvebase