CVE-2023-52922
CVSS 3.1 Score 7.8 of 10 (high)
Details
Summary
CVE-2023-52922: A vulnerability has been discovered in the Linux kernel's bcm driver. The issue, identified as a use-after-free (UAF), is located in the function bcm_proc_show(). The bug was triggered by task 'cat' when it attempted to read memory that had already been freed by the same task in bcm_sendmsg(). This could potentially lead to a read of arbitrary data, posing a security risk. The susceptible code was executed on a QEMU Standard PC (i440FX + PIIX) and was resolved by proper cleanup of the bcm_op structure before removing the procfs entry in bcm_release().
Affected Products
- Linux Kernel
Affected Vendors
- LINUX