CVE-2023-25012

Published: Feb 1, 2023

Modified: May 5, 2025

PUBLISHED

Description

The Linux kernel through 6.1.9 has a Use-After-Free in bigben_remove in drivers/hid/hid-bigbenff.c via a crafted USB device because the LED controllers remain registered for too long.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://seclists.org/oss-sec/2023/q1/53

https://lore.kernel.org/all/20230125-hid-unregister-leds-v1-1-9a5192dcef16%40diag.uniroma1.it/

[oss-security] 20230202 Re: Linux Kernel: hid: Use-After-Free in bigben_set_led()

mailing-list

[debian-lts-announce] 20230502 [SECURITY] [DLA 3404-1] linux-5.10 security update

mailing-list

[oss-security] 20231105 CVE-2023-1078: Linux: rds_rm_zerocopy_callback() bugs

mailing-list

https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=76ca8da989c7d97a7f76c75d475fe95a584439d7

https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=27d2a2fd844ec7da70d19fabb482304fd1e0595b

https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9fefb6201c4f8dd9f58c581b2a66e5cde2895ea2

https://bugzilla.suse.com/show_bug.cgi?id=1207560

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-25012

Description

Affected Products

References