CVE-2023-52439

high

Published 2024-09-24 · Modified 2024-11-03

💬 Discuss on Community ✚ Propose mitigation

CVSS v3

—

CVSS v4 NEW

—

not yet in upstream

VIR risk

8.0

Description

Important: kernel security update

Predictions

Exploit likelihood

20%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

Mitigation details

Source: Red Hat Errata — Red Hat Inc. · View original ↗ · Open-Errata-API

Description kernel: uio: Fix use-after-free in uio_open Red Hat statement The bug could happen only if uio being used (userspace driver core code that allows userspace programs easy access to kernel interrupts and memory locations, allowing some drivers to be written in userspace). Since the bug happens during loading or unloading of uio (that is privileged operation), the security impact is…

Description

kernel: uio: Fix use-after-free in uio_open

Red Hat statement

The bug could happen only if uio being used (userspace driver core code that allows userspace programs easy access to kernel interrupts and memory locations, allowing some drivers to be written in userspace). Since the bug happens during loading or unloading of uio (that is privileged operation), the security impact is limited.

CVSS v3: 7.0 (CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)

Errata / fixed releases

Product	Package	Advisory	Released
Red Hat Enterprise Linux 8	`kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10`	RHSA-2024:3627	2024-06-05T00:00:00Z
Red Hat Enterprise Linux 8	`kernel-0:4.18.0-553.5.1.el8_10`	RHSA-2024:3618	2024-06-05T00:00:00Z
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support	`kernel-0:4.18.0-372.118.1.el8_6`	RHSA-2024:5281	2024-08-13T00:00:00Z
Red Hat Enterprise Linux 8.6 Telecommunications Update Service	`kernel-0:4.18.0-372.118.1.el8_6`	RHSA-2024:5281	2024-08-13T00:00:00Z
Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions	`kernel-0:4.18.0-372.118.1.el8_6`	RHSA-2024:5281	2024-08-13T00:00:00Z
Red Hat Enterprise Linux 8.8 Extended Update Support	`kernel-0:4.18.0-477.74.1.el8_8`	RHSA-2024:6993	2024-09-24T00:00:00Z
Red Hat Enterprise Linux 9	`kernel-0:5.14.0-427.37.1.el9_4`	RHSA-2024:6997	2024-09-24T00:00:00Z
Red Hat Enterprise Linux 9	`kernel-0:5.14.0-427.37.1.el9_4`	RHSA-2024:6997	2024-09-24T00:00:00Z
Red Hat Enterprise Linux 9.2 Extended Update Support	`kernel-0:5.14.0-284.75.1.el9_2`	RHSA-2024:4823	2024-07-24T00:00:00Z
Red Hat Enterprise Linux 9.2 Extended Update Support	`kernel-rt-0:5.14.0-284.75.1.rt14.360.el9_2`	RHSA-2024:4831	2024-07-24T00:00:00Z

Package state

Product	Package	State
Red Hat Enterprise Linux 6	`kernel`	Not affected
Red Hat Enterprise Linux 7	`kernel`	Out of support scope
Red Hat Enterprise Linux 7	`kernel-rt`	Out of support scope
Red Hat Enterprise Linux 9	`kernel-rt`	Affected

Apply commands

bash fix

Apply RHSA-2024:3627 for Red Hat Enterprise Linux 8

yum update -y kernel-rt
# or:
dnf upgrade -y kernel-rt

Affected

Vendor	Product	Version
redhat	Red Hat Enterprise Linux 6	`Not affected`
redhat	Red Hat Enterprise Linux 9	`Affected`

OS impact

SUSE Affected 1 release

Version	Status	Fixed in
—	Affected	—

AlmaLinux Fixed 2 releases

Version	Status	Fixed in
9	Fixed	`kernel-64k-devel-matched-5.14.0-427.37.1.el9_4.aarch64.rpm`
8	Fixed	`kernel-rt-modules-4.18.0-553.5.1.rt7.346.el8_10.x86_64.rpm`

Debian Fixed 5 releases

Version	Status	Fixed in
trixie	Fixed	`6.6.13-1`
sid	Fixed	`6.6.13-1`
forky	Fixed	`6.6.13-1`
bullseye	Fixed	`5.10.209-1`
bookworm	Fixed	`6.1.76-1`

Red Hat Fixed 2 releases

Version	Status	Fixed in
9	Fixed	—
8	Fixed	—

Rocky Linux Fixed 1 release

Version	Status	Fixed in
8	Fixed	—

References

Community-verified mitigations for this CVE will appear above when contributors publish them.

Verify integrity in audit chain (admin only). AS-IS.