CVE-2023-53560Use After Free in Linux

CWE-416Use After Free5 documents5 sources
Severity
7.8HIGHNVD
EPSS
0.0%
top 96.97%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedOct 4

Description

In the Linux kernel, the following vulnerability has been resolved: tracing/histograms: Add histograms to hist_vars if they have referenced variables Hist triggers can have referenced variables without having direct variables fields. This can be the case if referenced variables are added for trigger actions. In this case the newly added references will not have field variables. Not taking such referenced variables into consideration can result in a bug where it would be possible to remove hist

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages4 packages

NVDlinux/linux_kernel4.174.19.291+6
Debianlinux/linux_kernel< 5.10.191-1+3
CVEListV5linux/linux067fe038e70f6e64960d26a79c4df5f1413d0f134ffad1528e81c91769d9da1f8436080861c8ec67+7
debiandebian/linux< linux 6.1.52-1 (bookworm)

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

2
GHSA
GHSA-g32r-xv9q-pp8r: In the Linux kernel, the following vulnerability has been resolved: tracing/histograms: Add histograms to hist_vars if they have referenced variables2025-10-04
OSV
CVE-2023-53560: In the Linux kernel, the following vulnerability has been resolved: tracing/histograms: Add histograms to hist_vars if they have referenced variables2025-10-04

📋Vendor Advisories

2
Red Hat
kernel: tracing/histograms: Add histograms to hist_vars if they have referenced variables2025-10-04
Debian
CVE-2023-53560: linux - In the Linux kernel, the following vulnerability has been resolved: tracing/his...2023