CVE-2023-52469

HIGH Year: 2023
CVSS v3 Score
7.8
High
Weakness Type
CWE-416
View all →

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: drivers/amd/pm: fix a use-after-free in kv_parse_power_table When ps allocated by kzalloc equals to NULL, kv_parse_power_table frees adev->pm.dpm.ps that allocated before. However, after the control flow goes through the following call chains: kv_parse_power_table |-> kv_dpm_init |-> kv_dpm_sw_init |-> kv_dpm_fini The adev->pm.dpm.ps is used in the for loop of kv_dpm_fini after its first free in kv_parse_power_table and causes a use-after-free bug.

Related Vulnerabilities

CVE-2009-0749

HIGH
CVSS:7.8(High)

Use-after-free vulnerability in the GIFReadNextExtension function in lib/pngxtern/gif/gifread.c in OptiPNG 0.6.2 and earlier allows context-dependent attackers to cause a denial of service (applicatio...

CWE-4162009

CVE-2009-4324

HIGH
CVSS:7.8(High)

Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to exec...

CWE-4162009

CVE-2013-2830

HIGH
CVSS:7.8(High)

Use-after-free vulnerability in SumatraPDF Reader 2.x before 2.2.1 allows remote attackers to execute arbitrary code via a crafted PDF file.

CWE-4162013

CVE-2014-9926

HIGH
CVSS:7.8(High)

In GNSS in all Android releases from CAF using the Linux kernel, a Use After Free vulnerability could potentially exist.

CWE-4162014

CVE-2014-9930

HIGH
CVSS:7.8(High)

In WCDMA in all Android releases from CAF using the Linux kernel, a Use After Free vulnerability could potentially exist.

CWE-4162014

CVE-2014-9946

HIGH
CVSS:7.8(High)

In Core Kernel in all Android releases from CAF using the Linux kernel, a Use After Free vulnerability could potentially exist.

CWE-4162014