CVE-2023-52509
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2023-52509
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-52509.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2023-52509
- Downstream
- Related
- Published
- 2024-03-02T21:52:22.006Z
- Modified
- 2025-11-28T02:34:36.954783Z
- Summary
- ravb: Fix use-after-free issue in ravb_tx_timeout_work()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
ravb: Fix use-after-free issue in ravbtxtimeout_work()
The ravbstop() should call cancelworksync(). Otherwise, ravbtxtimeoutwork() is possible to use the freed priv after ravb_remove() was called like below:
CPU0 CPU1 ravbtxtimeout() ravbremove() unregisternetdev() freenetdev(ndev) // free priv ravbtxtimeoutwork() // use priv
unregisternetdev() will call .ndostop() so that ravbstop() is called. And, after phystop() is called, netifcarrieroff() is also called. So that .ndotxtimeout() will not be called after phy_stop().
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52509.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/105abd68ad8f781985113aee2e92e0702b133705
- https://git.kernel.org/stable/c/3971442870713de527684398416970cf025b4f89
- https://git.kernel.org/stable/c/616761cf9df9af838c0a1a1232a69322a9eb67e6
- https://git.kernel.org/stable/c/65d34cfd4e347054eb4193bc95d9da7eaa72dee5
- https://git.kernel.org/stable/c/6f6fa8061f756aedb93af12a8a5d3cf659127965
- https://git.kernel.org/stable/c/db9aafa19547833240f58c2998aed7baf414dc82
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52509.json
- https://nvd.nist.gov/vuln/detail/CVE-2023-52509
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedc156633f1353264634135dea86ffcae74f2122fcFixed65d34cfd4e347054eb4193bc95d9da7eaa72dee5Fixeddb9aafa19547833240f58c2998aed7baf414dc82Fixed616761cf9df9af838c0a1a1232a69322a9eb67e6Fixed6f6fa8061f756aedb93af12a8a5d3cf659127965Fixed105abd68ad8f781985113aee2e92e0702b133705Fixed3971442870713de527684398416970cf025b4f89