CVE-2023-53479
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2023-53479
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53479.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2023-53479
- Downstream
- Related
- Published
- 2025-10-01T11:42:47Z
- Modified
- 2025-10-16T17:54:20.658911Z
- Summary
- cxl/acpi: Fix a use-after-free in cxl_parse_cfmws()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
cxl/acpi: Fix a use-after-free in cxlparsecfmws()
KASAN and KFENCE detected an user-after-free in the CXL driver. This happens in the cxldecoderadd() fail path. KASAN prints the following error:
BUG: KASAN: slab-use-after-free in cxlparsecfmws (drivers/cxl/acpi.c:299)
This happens in cxlparsecfmws(), where put_device() is called, releasing cxld, which is accessed later.
Use the local variables in the deverr() instead of pointing to the released memory. Since the deverr() is printing a resource, change the open coded print format to use the %pr format specifier.
- References
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducede50fe01e1f2a4aba2275edee7d5c77ac87674ddbFixed748fadc08bcbdaf573b34d9784bb3dbd87441dbf
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducede50fe01e1f2a4aba2275edee7d5c77ac87674ddbFixed316db489647b8ddc381682597e89787eac61a278
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducede50fe01e1f2a4aba2275edee7d5c77ac87674ddbFixed4cf67d3cc9994a59cf77bb9c0ccf9007fe916afe
Affected versions
v5.*
v5.19
v5.19-rc4
v5.19-rc5
v5.19-rc6
v5.19-rc7
v5.19-rc8
v6.*
v6.0
v6.0-rc1
v6.0-rc2
v6.0-rc3
v6.0-rc4
v6.0-rc5
v6.0-rc6
v6.0-rc7
v6.1
v6.1-rc1
v6.1-rc2
v6.1-rc3
v6.1-rc4
v6.1-rc5
v6.1-rc6
v6.1-rc7
v6.1-rc8
v6.1.1
v6.1.10
v6.1.11
v6.1.12
v6.1.13
v6.1.14
v6.1.15
v6.1.16
v6.1.17
v6.1.18
v6.1.19
v6.1.2
v6.1.20
v6.1.21
v6.1.22
v6.1.23
v6.1.24
v6.1.25
v6.1.26
v6.1.27
v6.1.28
v6.1.29
v6.1.3
v6.1.30
v6.1.31
v6.1.32
v6.1.33
v6.1.34
v6.1.35
v6.1.36
v6.1.37
v6.1.38
v6.1.39
v6.1.4
v6.1.40
v6.1.41
v6.1.42
v6.1.5
v6.1.6
v6.1.7
v6.1.8
v6.1.9
v6.2
v6.2-rc1
v6.2-rc2
v6.2-rc3
v6.2-rc4
v6.2-rc5
v6.2-rc6
v6.2-rc7
v6.2-rc8
v6.3
v6.3-rc1
v6.3-rc2
v6.3-rc3
v6.3-rc4
v6.3-rc5
v6.3-rc6
v6.3-rc7
v6.4
v6.4-rc1
v6.4-rc2
v6.4-rc3
v6.4-rc4
v6.4-rc5
v6.4-rc6
v6.4-rc7
v6.4.1
v6.4.2
v6.4.3
v6.4.4
v6.4.5
v6.4.6
v6.4.7
v6.5-rc1