CVE-2023-52445
Published: Feb 22, 2024
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix use after free on context disconnection Upon module load, a kthread is created targeting the pvr2_context_thread_func function, which may call pvr2_context_destroy and thus call kfree() on the context object. However, that might happen before the usb hub_event handler is able to notify the driver. This patch adds a sanity check before the invalid read reported by syzbot, within the context disconnection call stack.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected e5be15c63804e05b5a94197524023702a259e308 - < ec36c134dd020d28e312c2f1766f85525e747aabaffected e5be15c63804e05b5a94197524023702a259e308 - < 47aa8fcd5e8b5563af4042a00f25ba89bef8f33daffected e5be15c63804e05b5a94197524023702a259e308 - < 3233d8bf7893550045682192cb227af7fa3defebaffected e5be15c63804e05b5a94197524023702a259e308 - < ec3634ebe23fc3c44ebc67c6d25917300bc68c08affected e5be15c63804e05b5a94197524023702a259e308 - < 30773ea47d41773f9611ffb4ebc9bda9d19a9e7e+3 more versions |
Linux | Linux | affected 2.6.26unaffected 0 - < 2.6.26unaffected 4.19.306 - <= 4.19.*unaffected 5.4.268 - <= 5.4.*unaffected 5.10.209 - <= 5.10.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now