CVE-2023-52629

Published: Mar 29, 2024

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: sh: push-switch: Reorder cleanup operations to avoid use-after-free bug The original code puts flush_work() before timer_shutdown_sync() in switch_drv_remove(). Although we use flush_work() to stop the worker, it could be rescheduled in switch_timer(). As a result, a use-after-free bug can occur. The details are shown below: (cpu 0) | (cpu 1) switch_drv_remove() | flush_work() | ... | switch_timer // timer | schedule_work(&psw->work) timer_shutdown_sync() | ... | switch_work_handler // worker kfree(psw) // free | | psw->state = 0 // use This patch puts timer_shutdown_sync() before flush_work() to mitigate the bugs. As a result, the worker and timer will be stopped safely before the deallocate operations.

Vendor	Product	Versions
Linux	Linux	affected `9f5e8eee5cfe1328660c71812d87c2a67bda389f - < 610dbd8ac271aa36080aac50b928d700ee3fe4de` affected `9f5e8eee5cfe1328660c71812d87c2a67bda389f - < 246f80a0b17f8f582b2c0996db02998239057c65`
Linux	Linux	affected `2.6.20` unaffected `0 - < 2.6.20` unaffected `6.5.4 - <= 6.5.` unaffected `6.6 - <= `

References

https://git.kernel.org/stable/c/610dbd8ac271aa36080aac50b928d700ee3fe4de

https://git.kernel.org/stable/c/246f80a0b17f8f582b2c0996db02998239057c65

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-52629

Description

Affected Products

References