CVE-2023-53805Use After Free in Kernel

3 documents2 sources
Severity
N/A
No vector
EPSS
No EPSS data
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Linux Kernel
Timeline
PublishedDec 9

Description

tty: n_gsm: fix UAF in gsm_cleanup_mux In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: fix UAF in gsm_cleanup_mux In gsm_cleanup_mux() the 'gsm->dlci' pointer was not cleaned properly, leaving it a dangling pointer after gsm_dlci_release. This leads to use-after-free where 'gsm->dlci[0]' are freed and accessed by the subsequent gsm_cleanup_mux(). Such is the case in the following call trace: __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x1e3/0x2c

Affected Packages2 packages

Linuxlinux/linux_kernel5.11.05.15.124+3
Debianlinux/linux_kernel< 5.10.191-1+3

🔴Vulnerability Details

3
OSV
tty: n_gsm: fix UAF in gsm_cleanup_mux2025-12-09
GHSA
GHSA-8gp2-jjmr-pf9f: In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: fix UAF in gsm_cleanup_mux In gsm_cleanup_mux() the 'gsm->dlci' poin2025-12-09
OSV
CVE-2023-53805: In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: fix UAF in gsm_cleanup_mux In gsm_cleanup_mux() the 'gsm->dlci' pointe0001-01-01