CVE-2023-53484

HIGH EPSS 4.5%
Published Oct 1, 20259mo ago · Modified Jun 17, 20262w ago
7.8 CVSS 3.1
High
Find Similar
Published Oct 1, 2025 9mo ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: lib: cpu_rmap: Avoid use after free on rmap->obj array entries When calling irq_set_affinity_notifier() with NULL at the notify argument, it will cause freeing of the glue pointer in the corresponding array entry but will leave the pointer in the array. A subsequent call to free_irq_cpu_rmap() will try to free this entry again leading to possible use after free. Fix that by setting NULL to the array entry and checking that we have non-zero at the array entry when iterating over the array in free_irq_cpu_rmap(). The current code does not suffer from this since there are no cases where irq_set_affinity_notifier(irq, NULL) (note the NULL passed for the notify arg) is called, followed by a call to free_irq_cpu_rmap() so we don't hit and issue. Subsequent patches in this series excersize this flow, hence the required fix.

CVSS Details

Base Score
7.8
Exploitability
1.8
Impact
5.9
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
4.5% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-416 Use After Free Memory Safety

Affected Products 12

VendorProductVersionRange
linuxlinux_kernel*≥3.8.1  –  <4.14.316
linuxlinux_kernel*≥4.15  –  <4.19.284
linuxlinux_kernel*≥4.20  –  <5.4.244
linuxlinux_kernel*≥5.5  –  <5.10.181
linuxlinux_kernel*≥5.11  –  <5.15.113
linuxlinux_kernel*≥5.16  –  <6.1.30
linuxlinux_kernel*≥6.2  –  <6.3.4
linuxlinux_kernel3.8any
linuxlinux_kernel3.8any
linuxlinux_kernel3.8any
linuxlinux_kernel3.8any
linuxlinux_kernel3.8any

References 8

  • git.kernel.org https://git.kernel.org/stable/c/4e0473f1060aa49621d40a113afde24818101d37
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/67bca5f1d644f4e79b694abd8052a177de81c37f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/981f339d2905b6a92ef59358158b326493aecac5
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c6ed54dd90698dc0744d669524cc1c122ded8a16
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c9115f49cf260d24d8b5f2d9a4b63cb31a627bb4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/cc2d2b3dbfb0ba57bc027fb7e1121250c50e4000
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d1308bd0b24cb1d78fa2747d5fa3e055cc628a48
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f748e15253833b771acbede14ea98f50831ac289
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/4e0473f1060aa49621d40a113afde24818101d37
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/67bca5f1d644f4e79b694abd8052a177de81c37f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/981f339d2905b6a92ef59358158b326493aecac5
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c6ed54dd90698dc0744d669524cc1c122ded8a16
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c9115f49cf260d24d8b5f2d9a4b63cb31a627bb4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/cc2d2b3dbfb0ba57bc027fb7e1121250c50e4000
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d1308bd0b24cb1d78fa2747d5fa3e055cc628a48
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f748e15253833b771acbede14ea98f50831ac289
    Patch