CVE-2023-52795

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2023-52795
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-52795.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-52795
Downstream
Related
Published
2024-05-21T15:31:09Z
Modified
2025-10-21T14:57:56.004984Z
Summary
vhost-vdpa: fix use after free in vhost_vdpa_probe()
Details

In the Linux kernel, the following vulnerability has been resolved:

vhost-vdpa: fix use after free in vhostvdpaprobe()

The putdevice() calls vhostvdpareleasedev() which calls idasimpleremove() and frees "v". So this call to idasimpleremove() is a use after free and a double free.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
ebe6a354fa7e0a7d5b581da31ad031b19d8693f9
Fixed
c0f8b8fb7df9d1a38652eb5aa817afccd3c56111
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
ebe6a354fa7e0a7d5b581da31ad031b19d8693f9
Fixed
ae8ea4e200675a940c365b496ef8e3fb4123601c
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
ebe6a354fa7e0a7d5b581da31ad031b19d8693f9
Fixed
bf04132cd64ccde4e9e9765d489c83fe83c09b7f
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
ebe6a354fa7e0a7d5b581da31ad031b19d8693f9
Fixed
e07754e0a1ea2d63fb29574253d1fd7405607343

Affected versions

v6.*

v6.0
v6.0-rc1
v6.0-rc2
v6.0-rc3
v6.0-rc4
v6.0-rc5
v6.0-rc6
v6.0-rc7
v6.1
v6.1-rc1
v6.1-rc2
v6.1-rc3
v6.1-rc4
v6.1-rc5
v6.1-rc6
v6.1-rc7
v6.1-rc8
v6.1.1
v6.1.10
v6.1.11
v6.1.12
v6.1.13
v6.1.14
v6.1.15
v6.1.16
v6.1.17
v6.1.18
v6.1.19
v6.1.2
v6.1.20
v6.1.21
v6.1.22
v6.1.23
v6.1.24
v6.1.25
v6.1.26
v6.1.27
v6.1.28
v6.1.29
v6.1.3
v6.1.30
v6.1.31
v6.1.32
v6.1.33
v6.1.34
v6.1.35
v6.1.36
v6.1.37
v6.1.38
v6.1.39
v6.1.4
v6.1.40
v6.1.41
v6.1.42
v6.1.43
v6.1.44
v6.1.45
v6.1.46
v6.1.47
v6.1.48
v6.1.49
v6.1.5
v6.1.50
v6.1.51
v6.1.52
v6.1.53
v6.1.54
v6.1.55
v6.1.56
v6.1.57
v6.1.58
v6.1.59
v6.1.6
v6.1.60
v6.1.61
v6.1.62
v6.1.63
v6.1.7
v6.1.8
v6.1.9
v6.2
v6.2-rc1
v6.2-rc2
v6.2-rc3
v6.2-rc4
v6.2-rc5
v6.2-rc6
v6.2-rc7
v6.2-rc8
v6.3
v6.3-rc1
v6.3-rc2
v6.3-rc3
v6.3-rc4
v6.3-rc5
v6.3-rc6
v6.3-rc7
v6.4
v6.4-rc1
v6.4-rc2
v6.4-rc3
v6.4-rc4
v6.4-rc5
v6.4-rc6
v6.4-rc7
v6.5
v6.5-rc1
v6.5-rc2
v6.5-rc3
v6.5-rc4
v6.5-rc5
v6.5-rc6
v6.5-rc7
v6.5.1
v6.5.10
v6.5.11
v6.5.12
v6.5.2
v6.5.3
v6.5.4
v6.5.5
v6.5.6
v6.5.7
v6.5.8
v6.5.9
v6.6
v6.6-rc1
v6.6-rc2
v6.6-rc3
v6.6-rc4
v6.6-rc5
v6.6-rc6
v6.6-rc7
v6.6.1
v6.6.2

Database specific

vanir_signatures

[
    {
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "183280746998194965725956741891684295759",
                "249178396796530292205599454466443999918",
                "335686041329846606202032456963932095998",
                "28684666864985910972975544501149720259"
            ]
        },
        "target": {
            "file": "drivers/vhost/vdpa.c"
        },
        "signature_version": "v1",
        "id": "CVE-2023-52795-10184630",
        "deprecated": false,
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e07754e0a1ea2d63fb29574253d1fd7405607343"
    },
    {
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "183280746998194965725956741891684295759",
                "249178396796530292205599454466443999918",
                "335686041329846606202032456963932095998",
                "28684666864985910972975544501149720259"
            ]
        },
        "target": {
            "file": "drivers/vhost/vdpa.c"
        },
        "signature_version": "v1",
        "id": "CVE-2023-52795-35c8f4ff",
        "deprecated": false,
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ae8ea4e200675a940c365b496ef8e3fb4123601c"
    },
    {
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "183280746998194965725956741891684295759",
                "249178396796530292205599454466443999918",
                "335686041329846606202032456963932095998",
                "28684666864985910972975544501149720259"
            ]
        },
        "target": {
            "file": "drivers/vhost/vdpa.c"
        },
        "signature_version": "v1",
        "id": "CVE-2023-52795-42644c3b",
        "deprecated": false,
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@bf04132cd64ccde4e9e9765d489c83fe83c09b7f"
    },
    {
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "183280746998194965725956741891684295759",
                "249178396796530292205599454466443999918",
                "335686041329846606202032456963932095998",
                "28684666864985910972975544501149720259"
            ]
        },
        "target": {
            "file": "drivers/vhost/vdpa.c"
        },
        "signature_version": "v1",
        "id": "CVE-2023-52795-5f2a946c",
        "deprecated": false,
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c0f8b8fb7df9d1a38652eb5aa817afccd3c56111"
    },
    {
        "signature_type": "Function",
        "digest": {
            "function_hash": "299478881082258827017464771499164094247",
            "length": 1434.0
        },
        "target": {
            "file": "drivers/vhost/vdpa.c",
            "function": "vhost_vdpa_probe"
        },
        "signature_version": "v1",
        "id": "CVE-2023-52795-61b7407b",
        "deprecated": false,
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e07754e0a1ea2d63fb29574253d1fd7405607343"
    },
    {
        "signature_type": "Function",
        "digest": {
            "function_hash": "299478881082258827017464771499164094247",
            "length": 1434.0
        },
        "target": {
            "file": "drivers/vhost/vdpa.c",
            "function": "vhost_vdpa_probe"
        },
        "signature_version": "v1",
        "id": "CVE-2023-52795-6c62c2ff",
        "deprecated": false,
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c0f8b8fb7df9d1a38652eb5aa817afccd3c56111"
    },
    {
        "signature_type": "Function",
        "digest": {
            "function_hash": "299478881082258827017464771499164094247",
            "length": 1434.0
        },
        "target": {
            "file": "drivers/vhost/vdpa.c",
            "function": "vhost_vdpa_probe"
        },
        "signature_version": "v1",
        "id": "CVE-2023-52795-913c864c",
        "deprecated": false,
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ae8ea4e200675a940c365b496ef8e3fb4123601c"
    },
    {
        "signature_type": "Function",
        "digest": {
            "function_hash": "299478881082258827017464771499164094247",
            "length": 1434.0
        },
        "target": {
            "file": "drivers/vhost/vdpa.c",
            "function": "vhost_vdpa_probe"
        },
        "signature_version": "v1",
        "id": "CVE-2023-52795-ab67f606",
        "deprecated": false,
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@bf04132cd64ccde4e9e9765d489c83fe83c09b7f"
    }
]

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.0.0
Fixed
6.1.64
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.5.13
Type
ECOSYSTEM
Events
Introduced
6.6.0
Fixed
6.6.3