CVE-2023-53047

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2023-53047
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53047.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2023-53047
Downstream
Published
2025-05-02T15:55:04.071Z
Modified
2026-03-20T12:32:56.163021Z
Summary
tee: amdtee: fix race condition in amdtee_open_session
Details

In the Linux kernel, the following vulnerability has been resolved:

tee: amdtee: fix race condition in amdteeopensession

There is a potential race condition in amdteeopensession that may lead to use-after-free. For instance, in amdteeopensession() after sess->sess_mask is set, and before setting:

sess->session_info[i] = session_info;

if amdteeclosesession() closes this same session, then 'sess' data structure will be released, causing kernel panic when 'sess' is accessed within amdteeopensession().

The solution is to set the bit sess->sessmask as the last step in amdteeopen_session().

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53047.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
757cc3e9ff1d72d014096399d6e2bf03974d9da1
Fixed
f632a90f8e39db39b322107b9a8d438b826a7f4f
Fixed
02b296978a2137d7128151c542e84dc96400bc00
Fixed
a63cce9393e4e7dbc5af82dc87e68cb321cb1a78
Fixed
b3ef9e6fe09f1a132af28c623edcf4d4f39d9f35
Fixed
f8502fba45bd30e1a6a354d9d898bc99d1a11e6d

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53047.json"