Action not permitted
Modal body text goes here.
gsd-2023-52670
Vulnerability from gsd
Modified
2024-03-08 06:01
Details
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Aliases
{ "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2023-52670" ], "id": "GSD-2023-52670", "modified": "2024-03-08T06:01:59.020651Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2023-52670", "STATE": "RESERVED" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } } } }
cve-2023-52670
Vulnerability from cvelistv5
Published
2024-05-17 14:02
Modified
2024-11-04 14:50
Severity ?
EPSS score ?
Summary
rpmsg: virtio: Free driver_override when rpmsg_remove()
References
Impacted products
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThan": "229ce47cbfdc", "status": "affected", "version": "b0b03b811963", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThan": "dd50fe18c234", "status": "affected", "version": "b0b03b811963", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThan": "69ca89d80f2c", "status": "affected", "version": "b0b03b811963", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThan": "2d27a7b19cb3", "status": "affected", "version": "b0b03b811963", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThan": "f4bb1d5daf77", "status": "affected", "version": "b0b03b811963", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThan": "4e6cef3fae5c", "status": "affected", "version": "b0b03b811963", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThan": "9a416d624e5f", "status": "affected", "version": "b0b03b811963", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThan": "d5362c37e1f8", "status": "affected", "version": "b0b03b811963", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "affected", "version": "4.13" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThan": "4.13", "status": "unaffected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThanOrEqual": "4.20", "status": "unaffected", "version": "4.19.307", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThanOrEqual": "5.5", "status": "unaffected", "version": "5.4269", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThanOrEqual": "5.11", "status": "unaffected", "version": "5.10.210", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThanOrEqual": "5.16", "status": "unaffected", "version": "5.15.149", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThanOrEqual": "6.2", "status": "unaffected", "version": "6.1.76", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThanOrEqual": "6.7", "status": "unaffected", "version": "6.6.15", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThanOrEqual": "6.8", "status": "unaffected", "version": "6.73", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "6.8" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-52670", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-06-06T20:01:16.725609Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-401", "description": "CWE-401 Missing Release of Memory after Effective Lifetime", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-06T20:35:10.952Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:34.486Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/229ce47cbfdc7d3a9415eb676abbfb77d676cb08" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/dd50fe18c234bd5ff22f658f4d414e8fa8cd6a5d" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/69ca89d80f2c8a1f5af429b955637beea7eead30" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2d27a7b19cb354c6d04bcdc9239e261ff29858d6" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f4bb1d5daf77b1a95a43277268adf0d1430c2346" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/4e6cef3fae5c164968118a13f3fe293700adc81a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/9a416d624e5fb7246ea97c11fbfea7e0e27abf43" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/d5362c37e1f8a40096452fc201c30e705750e687" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/rpmsg/virtio_rpmsg_bus.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "229ce47cbfdc", "status": "affected", "version": "b0b03b811963", "versionType": "git" }, { "lessThan": "dd50fe18c234", "status": "affected", "version": "b0b03b811963", "versionType": "git" }, { "lessThan": "69ca89d80f2c", "status": "affected", "version": "b0b03b811963", "versionType": "git" }, { "lessThan": "2d27a7b19cb3", "status": "affected", "version": "b0b03b811963", "versionType": "git" }, { "lessThan": "f4bb1d5daf77", "status": "affected", "version": "b0b03b811963", "versionType": "git" }, { "lessThan": "4e6cef3fae5c", "status": "affected", "version": "b0b03b811963", "versionType": "git" }, { "lessThan": "9a416d624e5f", "status": "affected", "version": "b0b03b811963", "versionType": "git" }, { "lessThan": "d5362c37e1f8", "status": "affected", "version": "b0b03b811963", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/rpmsg/virtio_rpmsg_bus.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "4.13" }, { "lessThan": "4.13", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.307", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.269", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.210", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.149", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.76", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.15", "versionType": "semver" }, { "lessThanOrEqual": "6.7.*", "status": "unaffected", "version": "6.7.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.8", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nrpmsg: virtio: Free driver_override when rpmsg_remove()\n\nFree driver_override when rpmsg_remove(), otherwise\nthe following memory leak will occur:\n\nunreferenced object 0xffff0000d55d7080 (size 128):\n comm \"kworker/u8:2\", pid 56, jiffies 4294893188 (age 214.272s)\n hex dump (first 32 bytes):\n 72 70 6d 73 67 5f 6e 73 00 00 00 00 00 00 00 00 rpmsg_ns........\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace:\n [\u003c000000009c94c9c1\u003e] __kmem_cache_alloc_node+0x1f8/0x320\n [\u003c000000002300d89b\u003e] __kmalloc_node_track_caller+0x44/0x70\n [\u003c00000000228a60c3\u003e] kstrndup+0x4c/0x90\n [\u003c0000000077158695\u003e] driver_set_override+0xd0/0x164\n [\u003c000000003e9c4ea5\u003e] rpmsg_register_device_override+0x98/0x170\n [\u003c000000001c0c89a8\u003e] rpmsg_ns_register_device+0x24/0x30\n [\u003c000000008bbf8fa2\u003e] rpmsg_probe+0x2e0/0x3ec\n [\u003c00000000e65a68df\u003e] virtio_dev_probe+0x1c0/0x280\n [\u003c00000000443331cc\u003e] really_probe+0xbc/0x2dc\n [\u003c00000000391064b1\u003e] __driver_probe_device+0x78/0xe0\n [\u003c00000000a41c9a5b\u003e] driver_probe_device+0xd8/0x160\n [\u003c000000009c3bd5df\u003e] __device_attach_driver+0xb8/0x140\n [\u003c0000000043cd7614\u003e] bus_for_each_drv+0x7c/0xd4\n [\u003c000000003b929a36\u003e] __device_attach+0x9c/0x19c\n [\u003c00000000a94e0ba8\u003e] device_initial_probe+0x14/0x20\n [\u003c000000003c999637\u003e] bus_probe_device+0xa0/0xac" } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:50:48.660Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/229ce47cbfdc7d3a9415eb676abbfb77d676cb08" }, { "url": "https://git.kernel.org/stable/c/dd50fe18c234bd5ff22f658f4d414e8fa8cd6a5d" }, { "url": "https://git.kernel.org/stable/c/69ca89d80f2c8a1f5af429b955637beea7eead30" }, { "url": "https://git.kernel.org/stable/c/2d27a7b19cb354c6d04bcdc9239e261ff29858d6" }, { "url": "https://git.kernel.org/stable/c/f4bb1d5daf77b1a95a43277268adf0d1430c2346" }, { "url": "https://git.kernel.org/stable/c/4e6cef3fae5c164968118a13f3fe293700adc81a" }, { "url": "https://git.kernel.org/stable/c/9a416d624e5fb7246ea97c11fbfea7e0e27abf43" }, { "url": "https://git.kernel.org/stable/c/d5362c37e1f8a40096452fc201c30e705750e687" } ], "title": "rpmsg: virtio: Free driver_override when rpmsg_remove()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52670", "datePublished": "2024-05-17T14:02:01.617Z", "dateReserved": "2024-03-07T14:49:46.885Z", "dateUpdated": "2024-11-04T14:50:48.660Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.