CVE-2023-53640Use After Free in Linux

CWE-416Use After FreeCWE-787Out-of-bounds Write5 documents5 sources
Severity
7.8HIGHNVD
EPSS
0.0%
top 96.62%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedOct 7

Description

In the Linux kernel, the following vulnerability has been resolved: ASoC: lpass: Fix for KASAN use_after_free out of bounds When we run syzkaller we get below Out of Bounds error. "KASAN: slab-out-of-bounds Read in regcache_flat_read" Below is the backtrace of the issue: BUG: KASAN: slab-out-of-bounds in regcache_flat_read+0x10c/0x110 Read of size 4 at addr ffffff8088fbf714 by task syz-executor.4/14144 CPU: 6 PID: 14144 Comm: syz-executor.4 Tainted: G W Hardware name: Qualcomm Technologies,

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages4 packages

NVDlinux/linux_kernel5.125.15.114+3
Debianlinux/linux_kernel< 6.1.37-1+2
CVEListV5linux/linuxc39667ddcfc516fee084e449179d54430a5582988f1512d78b5de928f4616a871e77b58fd546e651+4
debiandebian/linux< linux 6.1.37-1 (bookworm)

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

2
GHSA
GHSA-cw77-x75c-4fx8: In the Linux kernel, the following vulnerability has been resolved: ASoC: lpass: Fix for KASAN use_after_free out of bounds When we run syzkaller we2025-10-07
OSV
CVE-2023-53640: In the Linux kernel, the following vulnerability has been resolved: ASoC: lpass: Fix for KASAN use_after_free out of bounds When we run syzkaller we g2025-10-07

📋Vendor Advisories

2
Red Hat
kernel: ASoC: lpass: Fix for KASAN use_after_free out of bounds2025-10-07
Debian
CVE-2023-53640: linux - In the Linux kernel, the following vulnerability has been resolved: ASoC: lpass...2023