CVE-2023-54157Linux vulnerability

7 documents6 sources
Severity
N/A
No vector
EPSS
0.0%
top 92.73%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 24

Description

In the Linux kernel, the following vulnerability has been resolved: binder: fix UAF of alloc->vma in race with munmap() [ cmllamas: clean forward port from commit 015ac18be7de ("binder: fix UAF of alloc->vma in race with munmap()") in 5.10 stable. It is needed in mainline after the revert of commit a43cfc87caaf ("android: binder: stop saving a pointer to the VMA") as pointed out by Liam. The commit log and tags have been tweaked to reflect this. ] In commit 720c24192404 ("ANDROID: binder: cha

Affected Packages4 packages

Linuxlinux/linux_kernel4.20.05.15.115+2
Debianlinux/linux_kernel< 6.1.37-1+2
CVEListV5linux/linuxdd2283f2605e3b3e9c61bcae844b34f2afa4813f1bb8a65190d45cd5c7dbc85e29b9102110cd6be6+4
debiandebian/linux< linux 6.1.37-1 (bookworm)

🔴Vulnerability Details

3
GHSA
GHSA-hqhr-cmq5-2w3r: In the Linux kernel, the following vulnerability has been resolved: binder: fix UAF of alloc->vma in race with munmap() [ cmllamas: clean forward po2025-12-24
OSV
binder: fix UAF of alloc->vma in race with munmap()2025-12-24
OSV
CVE-2023-54157: In the Linux kernel, the following vulnerability has been resolved: binder: fix UAF of alloc->vma in race with munmap() [ cmllamas: clean forward port2025-12-24

📋Vendor Advisories

2
Red Hat
kernel: binder: fix UAF of alloc->vma in race with munmap()2025-12-24
Debian
CVE-2023-54157: linux - In the Linux kernel, the following vulnerability has been resolved: binder: fix...2023

🕵️Threat Intelligence

1
Wiz
CVE-2023-54157 Impact, Exploitability, and Mitigation Steps | Wiz