CVE - CVE-2023-52576

CVE-ID
CVE-2023-52576	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
In the Linux kernel, the following vulnerability has been resolved: x86/mm, kexec, ima: Use memblock_free_late() from ima_free_kexec_buffer() The code calling ima_free_kexec_buffer() runs long after the memblock allocator has already been torn down, potentially resulting in a use after free in memblock_isolate_range(). With KASAN or KFENCE, this use after free will result in a BUG from the idle task, and a subsequent kernel panic. Switch ima_free_kexec_buffer() over to memblock_free_late() to avoid that bug.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://git.kernel.org/stable/c/34cf99c250d5cd2530b93a57b0de31d3aaf8685b URL:https://git.kernel.org/stable/c/34cf99c250d5cd2530b93a57b0de31d3aaf8685b MISC:https://git.kernel.org/stable/c/d2dfbc0e3b7a04c2d941421a958dc31c897fb204 URL:https://git.kernel.org/stable/c/d2dfbc0e3b7a04c2d941421a958dc31c897fb204 MISC:https://git.kernel.org/stable/c/eef16bfdb212da60f5144689f2967fb25b051a2b URL:https://git.kernel.org/stable/c/eef16bfdb212da60f5144689f2967fb25b051a2b
Assigning CNA
kernel.org
Date Record Created
20240302	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20240302)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)