CVE-2023-53459

In the Linux kernel, the following vulnerability has been resolved:

HID: mcp-2221: prevent UAF in delayed work

If the device is plugged/unplugged without giving time for mcp_init_work()
to complete, we might kick in the devm free code path and thus have
unavailable struct mcp_2221 while in delayed work.

Canceling the delayed_work item is enough to solve the issue, because
cancel_delayed_work_sync will prevent the work item to requeue itself.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
UNKNOWN
---
LinuxCNA
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 3%
Debian logo
Debian Releases
Debian Product
Codename
linux
bullseye
5.10.223-1
not-affected
bookworm
6.1.148-1
not-affected
bullseye (security)
5.10.237-1
fixed
bookworm (security)
6.1.153-1
fixed
trixie
6.12.43-1
fixed
trixie (security)
6.12.48-1
fixed
forky
6.16.8-1
fixed
sid
6.16.9-1
fixed
References
https://git.kernel.org/stable/c/47e91fdfa511139f2549687edb0d8649b123227b
https://git.kernel.org/stable/c/5dc297652dbc557eba7ca7d6a4c5f1940dffffb1