How severe is CVE-2023-52503?

This vulnerability has a severity rating of HIGH with a CVSS score of 7 out of 10.

What type of vulnerability is CVE-2023-52503?

This is classified as CWE-416, which is a common weakness in software security.

CVE-2023-52503 - HIGH Severity | CVSS 7

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: tee: amdtee: fix use-after-free vulnerability in amdtee_close_session There is a potential race condition in amdtee_close_session that may cause use-after-free in amdtee_open_session. For instance, if a session has refcount == 1, and one thread tries to free this session via: kref_put(&sess->refcount, destroy_session); the reference count will get decremented, and the next step would be to call destroy_session(). However, if in another thread, amdtee_open_session() is called before destroy_session() has completed execution, alloc_session() may return 'sess' that will be freed up later in destroy_session() leading to use-after-free in amdtee_open_session. To fix this issue, treat decrement of sess->refcount and removal of 'sess' from session list in destroy_session() as a critical section, so that it is executed atomically.

Related Vulnerabilities

CVE-2014-9940

HIGH

CVSS:7.0(High)

The regulator_ena_gpio_free function in drivers/regulator/core.c in the Linux kernel before 3.19 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted appli...

CWE-4162014

CVE-2016-10088

HIGH

CVSS:7.0(High)

The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNEL_DS option is set, which allows local users to read or write to arbitrar...

CWE-4162016

CVE-2017-10661

HIGH

CVSS:7.0(High)

Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descripto...

CWE-4162017

CVE-2017-17053

HIGH

CVSS:7.0(High)

The init_new_context function in arch/x86/include/asm/mmu_context.h in the Linux kernel before 4.12.10 does not correctly handle errors from LDT table allocation when forking a new process, allowing a...

CWE-4162017

CVE-2017-18153

HIGH

CVSS:7.0(High)

A race condition exists in a driver potentially leading to a use-after-free condition.

CWE-4162017

CVE-2017-18202

HIGH

CVSS:7.0(High)

The __oom_reap_task_mm function in mm/oom_kill.c in the Linux kernel before 4.14.4 mishandles gather operations, which allows attackers to cause a denial of service (TLB entry leak or use-after-free) ...

CWE-4162017