CVE-2023-52502

Source
https://nvd.nist.gov/vuln/detail/CVE-2023-52502
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-52502.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2023-52502
Downstream
Related
Published
2024-03-02T22:15:47Z
Modified
2025-08-09T20:01:27Z
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

net: nfc: fix races in nfcllcpsockget() and nfcllcpsockget_sn()

Sili Luo reported a race in nfcllcpsock_get(), leading to UAF.

Getting a reference on the socket found in a lookup while holding a lock should happen before releasing the lock.

nfcllcpsockgetsn() has a similar problem.

Finally nfcllcprecvsnl() needs to make sure the socket found by nfcllcpsockfrom_sn() does not disappear.

References

Affected packages