In the Linux kernel, the following vulnerability has been resolved:
clk: microchip: fix potential UAF in auxdev release callback
Similar to commit 1c11289b34ab ("peci: cpu: Fix use-after-free in adevrelease()"), the auxiliary device is not torn down in the correct order. If auxiliarydevice_add() fails, the release callback will be called twice, resulting in a UAF. Due to timing, the auxdev code in this driver "took inspiration" from the aforementioned commit, and thus its bugs too!
Moving auxiliarydeviceuninit() to the unregister callback instead avoids the issue.
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53636.json",
"cna_assigner": "Linux"
}