CVE-2023-52469
Published: Feb 25, 2024
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: drivers/amd/pm: fix a use-after-free in kv_parse_power_table When ps allocated by kzalloc equals to NULL, kv_parse_power_table frees adev->pm.dpm.ps that allocated before. However, after the control flow goes through the following call chains: kv_parse_power_table |-> kv_dpm_init |-> kv_dpm_sw_init |-> kv_dpm_fini The adev->pm.dpm.ps is used in the for loop of kv_dpm_fini after its first free in kv_parse_power_table and causes a use-after-free bug.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected a2e73f56fa6282481927ec43aa9362c03c2e2104 - < 8a27d9d9fc9b5564b8904c3a77a7dea482bfa34eaffected a2e73f56fa6282481927ec43aa9362c03c2e2104 - < 8b55b06e737feb2a645b0293ea27e38418876d63affected a2e73f56fa6282481927ec43aa9362c03c2e2104 - < 520e213a0b97b64735a13950e9371e0a5d7a5dc3affected a2e73f56fa6282481927ec43aa9362c03c2e2104 - < b6dcba02ee178282e0d28684d241e0b8462dea6aaffected a2e73f56fa6282481927ec43aa9362c03c2e2104 - < 35fa2394d26e919f63600ce631e6aefc95ec2706+3 more versions |
Linux | Linux | affected 4.2unaffected 0 - < 4.2unaffected 4.19.306 - <= 4.19.*unaffected 5.4.268 - <= 5.4.*unaffected 5.10.209 - <= 5.10.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now