CVE-2023-51043Use After Free in Kernel

CWE-416Use After Free11 documents8 sources
Severity
7.0HIGHNVD
OSV4.7
EPSS
0.0%
top 97.67%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Linux KernelDebian LinuxMsrc Cbl2 Kernel 5.15.148.1-1 ON CBL Mariner 2.0+1 more
Timeline
PublishedJan 23
Latest updateApr 19

Description

In the Linux kernel before 6.4.5, drivers/gpu/drm/drm_atomic.c has a use-after-free during a race condition between a nonblocking atomic commit and a driver unload.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.0 | Impact: 5.9

Affected Packages6 packages

NVDlinux/linux_kernel< 6.4.5
Debianlinux/linux_kernel< 5.10.191-1+3
Ubuntulinux/linux_kernel< 4.4.0-253.287+1
debiandebian/linux< linux 6.1.52-1 (bookworm)

Patches

Patch: github.comPatch: github.com

🔴Vulnerability Details

4
OSV
linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities2024-04-19
OSV
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle vulnerabilities2024-04-19
OSV
CVE-2023-51043: In the Linux kernel before 62024-01-23
GHSA
GHSA-vqj2-hm8r-26qm: In the Linux kernel before 62024-01-23

📋Vendor Advisories

5
Ubuntu
Linux kernel vulnerabilities2024-04-19
Ubuntu
Linux kernel vulnerabilities2024-04-19
Red Hat
kernel: use-after-free during a race condition between a nonblocking atomic commit and a driver unload in drivers/gpu/drm/drm_atomic.c2024-01-23
Microsoft
In the Linux kernel before 6.4.5 drivers/gpu/drm/drm_atomic.c has a use-after-free during a race condition between a nonblocking atomic commit and a driver unload.2024-01-09
Debian
CVE-2023-51043: linux - In the Linux kernel before 6.4.5, drivers/gpu/drm/drm_atomic.c has a use-after-f...2023

💬Community

1
Bugzilla
CVE-2023-51043 kernel: use-after-free during a race condition between a nonblocking atomic commit and a driver unload in drivers/gpu/drm/drm_atomic.c2024-01-24
CVE-2023-51043 — Use After Free in Linux Kernel | cvebase