CVE-2023-52795

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-52795

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-52795.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2023-52795

Downstream

BELL-CVE-2023-52795

DEBIAN-CVE-2023-52795

OESA-2024-1693

OESA-2024-1694

SUSE-SU-2024:2008-1

SUSE-SU-2024:2019-1

SUSE-SU-2024:2190-1

SUSE-SU-2024:2571-1

SUSE-SU-2024:2896-1

SUSE-SU-2024:2973-1

UBUNTU-CVE-2023-52795

Related

Published

2024-05-21T15:31:09Z

Modified

2025-10-08T17:30:52.246613Z

Summary

vhost-vdpa: fix use after free in vhost_vdpa_probe()

Details

In the Linux kernel, the following vulnerability has been resolved:

vhost-vdpa: fix use after free in vhostvdpaprobe()

The putdevice() calls vhostvdpareleasedev() which calls idasimpleremove() and frees "v". So this call to idasimpleremove() is a use after free and a double free.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

ebe6a354fa7e0a7d5b581da31ad031b19d8693f9

Fixed

c0f8b8fb7df9d1a38652eb5aa817afccd3c56111

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

ebe6a354fa7e0a7d5b581da31ad031b19d8693f9

Fixed

ae8ea4e200675a940c365b496ef8e3fb4123601c

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

ebe6a354fa7e0a7d5b581da31ad031b19d8693f9

Fixed

bf04132cd64ccde4e9e9765d489c83fe83c09b7f

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

ebe6a354fa7e0a7d5b581da31ad031b19d8693f9

Fixed

e07754e0a1ea2d63fb29574253d1fd7405607343

Affected versions

v6.*

v6.0

v6.0-rc1

v6.0-rc2

v6.0-rc3

v6.0-rc4

v6.0-rc5

v6.0-rc6

v6.0-rc7

v6.1

v6.1-rc1

v6.1-rc2

v6.1-rc3

v6.1-rc4

v6.1-rc5

v6.1-rc6

v6.1-rc7

v6.1-rc8

v6.1.1

v6.1.10

v6.1.11

v6.1.12

v6.1.13

v6.1.14

v6.1.15

v6.1.16

v6.1.17

v6.1.18

v6.1.19

v6.1.2

v6.1.20

v6.1.21

v6.1.22

v6.1.23

v6.1.24

v6.1.25

v6.1.26

v6.1.27

v6.1.28

v6.1.29

v6.1.3

v6.1.30

v6.1.31

v6.1.32

v6.1.33

v6.1.34

v6.1.35

v6.1.36

v6.1.37

v6.1.38

v6.1.39

v6.1.4

v6.1.40

v6.1.41

v6.1.42

v6.1.43

v6.1.44

v6.1.45

v6.1.46

v6.1.47

v6.1.48

v6.1.49

v6.1.5

v6.1.50

v6.1.51

v6.1.52

v6.1.53

v6.1.54

v6.1.55

v6.1.56

v6.1.57

v6.1.58

v6.1.59

v6.1.6

v6.1.60

v6.1.61

v6.1.62

v6.1.63

v6.1.7

v6.1.8

v6.1.9

v6.2

v6.2-rc1

v6.2-rc2

v6.2-rc3

v6.2-rc4

v6.2-rc5

v6.2-rc6

v6.2-rc7

v6.2-rc8

v6.3

v6.3-rc1

v6.3-rc2

v6.3-rc3

v6.3-rc4

v6.3-rc5

v6.3-rc6

v6.3-rc7

v6.4

v6.4-rc1

v6.4-rc2

v6.4-rc3

v6.4-rc4

v6.4-rc5

v6.4-rc6

v6.4-rc7

v6.5

v6.5-rc1

v6.5-rc2

v6.5-rc3

v6.5-rc4

v6.5-rc5

v6.5-rc6

v6.5-rc7

v6.5.1

v6.5.10

v6.5.11

v6.5.12

v6.5.2

v6.5.3

v6.5.4

v6.5.5

v6.5.6

v6.5.7

v6.5.8

v6.5.9

v6.6

v6.6-rc1

v6.6-rc2

v6.6-rc3

v6.6-rc4

v6.6-rc5

v6.6-rc6

v6.6-rc7

v6.6.1

v6.6.2

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

6.0.0

Fixed

6.1.64

Type: ECOSYSTEM
Events: Introduced

6.2.0

Fixed

6.5.13

Type: ECOSYSTEM
Events: Introduced

6.6.0

Fixed

6.6.3