CVE-2023-53800Expired Pointer Dereference in Linux

CWE-825Expired Pointer Dereference6 documents5 sources
Severity
5.5MEDIUM
No vector
EPSS
0.0%
top 85.68%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 9

Description

In the Linux kernel, the following vulnerability has been resolved: ubi: Fix use-after-free when volume resizing failed There is an use-after-free problem reported by KASAN: BUG: KASAN: use-after-free in ubi_eba_copy_table+0x11f/0x1c0 [ubi] Read of size 8 at addr ffff888101eec008 by task ubirsvol/4735 CPU: 2 PID: 4735 Comm: ubirsvol Not tainted 6.1.0-rc1-00003-g84fa3304a7fc-dirty #14 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-1.fc33 04/01/2014 Call Trace: dump_stack_l

Affected Packages4 packages

Linuxlinux/linux_kernel2.6.224.14.308+6
Debianlinux/linux_kernel< 5.10.178-1+3
CVEListV5linux/linux801c135ce73d5df1caf3eca35b66a10824ae0707bf9875aa7f7d624a8c084425b14bf7e5907ebc30+8
debiandebian/linux< linux 6.1.20-1 (bookworm)

🔴Vulnerability Details

3
OSV
CVE-2023-53800: In the Linux kernel, the following vulnerability has been resolved: ubi: Fix use-after-free when volume resizing failed There is an use-after-free pro2025-12-09
OSV
ubi: Fix use-after-free when volume resizing failed2025-12-09
GHSA
GHSA-7jjf-hg6r-x4hg: In the Linux kernel, the following vulnerability has been resolved: ubi: Fix use-after-free when volume resizing failed There is an use-after-free p2025-12-09

📋Vendor Advisories

2
Red Hat
kernel: ubi: Fix use-after-free when volume resizing failed2025-12-09
Debian
CVE-2023-53800: linux - In the Linux kernel, the following vulnerability has been resolved: ubi: Fix us...2023