CVE-2023-52840

Source
https://nvd.nist.gov/vuln/detail/CVE-2023-52840
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-52840.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2023-52840
Published
2024-05-21T15:31:39.862Z
Modified
2025-11-28T02:35:40.239108Z
Summary
Input: synaptics-rmi4 - fix use after free in rmi_unregister_function()
Details

In the Linux kernel, the following vulnerability has been resolved:

Input: synaptics-rmi4 - fix use after free in rmi_unregister_function()

The put_device() calls rmi_release_function() which frees "fn" so the dereference on the next line "fn->num_of_irqs" is a use after free. Move the put_device() to the end to fix this.

Database specific
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52840.json"
}

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
24d28e4f1271cb2f91613dada8f2acccd00eff56
Fixed
2f236d8638f5b43e0c72919a6a27fe286c32053f
Fixed
50d12253666195a14c6cd2b81c376e2dbeedbdff
Fixed
6c71e065befb2fae8f1461559b940c04e1071bd5
Fixed
303766bb92c5c225cf40f9bbbe7e29749406e2f2
Fixed
7082b1fb5321037bc11ba1cf2d7ed23c6b2b521f
Fixed
cc56c4d17721dcb10ad4e9c9266e449be1462683
Fixed
c8e639f5743cf4b01f8c65e0df075fe4d782b585
Fixed
eb988e46da2e4eae89f5337e047ce372fe33d5b1

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
4.18.0
Fixed
4.19.299
Type
ECOSYSTEM
Events
Introduced
4.20.0
Fixed
5.4.261
Type
ECOSYSTEM
Events
Introduced
5.5.0
Fixed
5.10.201
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.139
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.63
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.5.12
Type
ECOSYSTEM
Events
Introduced
6.6.0
Fixed
6.6.2