CVE-2023-53075
Published: May 2, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix invalid address access in lookup_rec() when index is 0 KASAN reported follow problem: BUG: KASAN: use-after-free in lookup_rec Read of size 8 at addr ffff000199270ff0 by task modprobe CPU: 2 Comm: modprobe Call trace: kasan_report __asan_load8 lookup_rec ftrace_location arch_check_ftrace_location check_kprobe_address_safe register_kprobe When checking pg->records[pg->index - 1].ip in lookup_rec(), it can get a pg which is newly added to ftrace_pages_start in ftrace_process_locs(). Before the first pg->index++, index is 0 and accessing pg->records[-1].ip will cause this problem. Don't check the ip when pg->index is 0.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 9644302e3315e7e36495d230d5ac7125a316d33e - < 2de28e5ce34b22b73b833a21e2c45ae3aade3964affected 9644302e3315e7e36495d230d5ac7125a316d33e - < 7569ee04b0e3b32df79f64db3a7138573edad9bcaffected 9644302e3315e7e36495d230d5ac7125a316d33e - < ac58b88ccbbb8e9fb83e137cee04a856b1ea6635affected 9644302e3315e7e36495d230d5ac7125a316d33e - < 83c3b2f4e7c61367c7b24551f4c6eb94bbdda283affected 9644302e3315e7e36495d230d5ac7125a316d33e - < 2a0d71fabfeb349216d33f001a6421b1768bd3a9+3 more versions |
Linux | Linux | affected 3.5unaffected 0 - < 3.5unaffected 4.14.311 - <= 4.14.*unaffected 4.19.279 - <= 4.19.*unaffected 5.4.238 - <= 5.4.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now