CVE-2023-52576

Published: Mar 2, 2024

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: x86/mm, kexec, ima: Use memblock_free_late() from ima_free_kexec_buffer() The code calling ima_free_kexec_buffer() runs long after the memblock allocator has already been torn down, potentially resulting in a use after free in memblock_isolate_range(). With KASAN or KFENCE, this use after free will result in a BUG from the idle task, and a subsequent kernel panic. Switch ima_free_kexec_buffer() over to memblock_free_late() to avoid that bug.

Vendor	Product	Versions
Linux	Linux	affected `fee3ff99bc67604fba77f19da0106f3ec52b1956 - < eef16bfdb212da60f5144689f2967fb25b051a2b` affected `fee3ff99bc67604fba77f19da0106f3ec52b1956 - < d2dfbc0e3b7a04c2d941421a958dc31c897fb204` affected `fee3ff99bc67604fba77f19da0106f3ec52b1956 - < 34cf99c250d5cd2530b93a57b0de31d3aaf8685b`
Linux	Linux	affected `5.13` unaffected `0 - < 5.13` unaffected `6.1.56 - <= 6.1.` unaffected `6.5.6 - <= 6.5.` unaffected `6.6 - <= *`

References

https://git.kernel.org/stable/c/eef16bfdb212da60f5144689f2967fb25b051a2b

https://git.kernel.org/stable/c/d2dfbc0e3b7a04c2d941421a958dc31c897fb204

https://git.kernel.org/stable/c/34cf99c250d5cd2530b93a57b0de31d3aaf8685b

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-52576

Description

Affected Products

References