CVE-2023-53047

02.05.2025, 16:15

In the Linux kernel, the following vulnerability has been resolved:

tee: amdtee: fix race condition in amdtee_open_session

There is a potential race condition in amdtee_open_session that may
lead to use-after-free. For instance, in amdtee_open_session() after
sess->sess_mask is set, and before setting:

    sess->session_info[i] = session_info;

if amdtee_close_session() closes this same session, then 'sess' data
structure will be released, causing kernel panic when 'sess' is
accessed within amdtee_open_session().

The solution is to set the bit sess->sess_mask as the last step in
amdtee_open_session().

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	UNKNOWN				---
Linux	CNA	---				---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: 4%

Debian Releases

Debian Product

Codename

linux

bullseye	5.10.223-1 fixed
bullseye (security)	5.10.234-1 fixed
bookworm	6.1.129-1 fixed
bookworm (security)	6.1.135-1 fixed
trixie	6.12.22-1 fixed
sid	6.12.25-1 fixed

References

https://git.kernel.org/stable/c/02b296978a2137d7128151c542e84dc96400bc00

https://git.kernel.org/stable/c/a63cce9393e4e7dbc5af82dc87e68cb321cb1a78

https://git.kernel.org/stable/c/b3ef9e6fe09f1a132af28c623edcf4d4f39d9f35

https://git.kernel.org/stable/c/f632a90f8e39db39b322107b9a8d438b826a7f4f

https://git.kernel.org/stable/c/f8502fba45bd30e1a6a354d9d898bc99d1a11e6d