CVE-2023-52510

Summary

In the Linux kernel, the following vulnerability has been resolved:

ieee802154: ca8210: Fix a potential UAF in ca8210_probe

If of_clk_add_provider() fails in ca8210_register_ext_clock(), it calls clk_unregister() to release priv->clk and returns an error. However, the caller ca8210_probe() then calls ca8210_remove(), where priv->clk is freed again in ca8210_unregister_ext_clock(). In this case, a use-after-free may happen in the second time we call clk_unregister().

Fix this by removing the first clk_unregister(). Also, priv->clk could be an error code on failure of clk_register_fixed_rate(). Use IS_ERR_OR_NULL to catch this case in ca8210_unregister_ext_clock().

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxded845a781a578dfb0b5b2c138e5a067aa3b1242 < 28b68cba378e3e50a4082b65f262bc4f2c7c2addaffected
LinuxLinuxded845a781a578dfb0b5b2c138e5a067aa3b1242 < cdb46be93c1f7bbf2c4649e9fc5fb147cfb5245daffected
LinuxLinuxded845a781a578dfb0b5b2c138e5a067aa3b1242 < 85c2857ef90041f567ce98722c1c342c4d31f4bcaffected
LinuxLinuxded845a781a578dfb0b5b2c138e5a067aa3b1242 < 55e06850c7894f00d41b767c5f5665459f83f58faffected
LinuxLinuxded845a781a578dfb0b5b2c138e5a067aa3b1242 < 84c6aa0ae5c4dc121f9996bb8fed46c80909d80eaffected
LinuxLinuxded845a781a578dfb0b5b2c138e5a067aa3b1242 < 217efe32a45249eb07dcd7197e8403de98345e66affected
LinuxLinuxded845a781a578dfb0b5b2c138e5a067aa3b1242 < becf5c147198f4345243c5df0c4f035415491640affected
LinuxLinuxded845a781a578dfb0b5b2c138e5a067aa3b1242 < f990874b1c98fe8e57ee9385669f501822979258affected
LinuxLinux4.12affected
LinuxLinux0 < 4.12unaffected
LinuxLinux4.14.328 <= 4.14.*unaffected
LinuxLinux4.19.297 <= 4.19.*unaffected
LinuxLinux5.4.259 <= 5.4.*unaffected
LinuxLinux5.10.199 <= 5.10.*unaffected
LinuxLinux5.15.136 <= 5.15.*unaffected
LinuxLinux6.1.59 <= 6.1.*unaffected
LinuxLinux6.5.8 <= 6.5.*unaffected
LinuxLinux6.6 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References