CVE-2023-52840

Summary

In the Linux kernel, the following vulnerability has been resolved:

Input: synaptics-rmi4 - fix use after free in rmi_unregister_function()

The put_device() calls rmi_release_function() which frees "fn" so the dereference on the next line "fn->num_of_irqs" is a use after free. Move the put_device() to the end to fix this.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux24d28e4f1271cb2f91613dada8f2acccd00eff56 < 2f236d8638f5b43e0c72919a6a27fe286c32053faffected
LinuxLinux24d28e4f1271cb2f91613dada8f2acccd00eff56 < 50d12253666195a14c6cd2b81c376e2dbeedbdffaffected
LinuxLinux24d28e4f1271cb2f91613dada8f2acccd00eff56 < 6c71e065befb2fae8f1461559b940c04e1071bd5affected
LinuxLinux24d28e4f1271cb2f91613dada8f2acccd00eff56 < 303766bb92c5c225cf40f9bbbe7e29749406e2f2affected
LinuxLinux24d28e4f1271cb2f91613dada8f2acccd00eff56 < 7082b1fb5321037bc11ba1cf2d7ed23c6b2b521faffected
LinuxLinux24d28e4f1271cb2f91613dada8f2acccd00eff56 < cc56c4d17721dcb10ad4e9c9266e449be1462683affected
LinuxLinux24d28e4f1271cb2f91613dada8f2acccd00eff56 < c8e639f5743cf4b01f8c65e0df075fe4d782b585affected
LinuxLinux24d28e4f1271cb2f91613dada8f2acccd00eff56 < eb988e46da2e4eae89f5337e047ce372fe33d5b1affected
LinuxLinux4.18affected
LinuxLinux0 < 4.18unaffected
LinuxLinux4.19.299 <= 4.19.*unaffected
LinuxLinux5.4.261 <= 5.4.*unaffected
LinuxLinux5.10.201 <= 5.10.*unaffected
LinuxLinux5.15.139 <= 5.15.*unaffected
LinuxLinux6.1.63 <= 6.1.*unaffected
LinuxLinux6.5.12 <= 6.5.*unaffected
LinuxLinux6.6.2 <= 6.6.*unaffected
LinuxLinux6.7 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References