[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2023-52572":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T08:53:30.047Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":20,"aliases":21,"duplicate_of":9,"upstream":22,"downstream":23,"duplicates":66,"related":67,"reserved_at":9,"published_at":77,"modified_at":78,"state":79,"summary":80,"references_raw":89,"kevs":122,"epss":123,"epss_history":126,"metrics":371,"affected":377},"CVE-2023-52572","In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Fix UAF in cifs_demultiplex_thread()\n\nThere is a UAF when xfstests on cifs:\n\n  BUG: KASAN: use-after-free in smb2_is_network_name_deleted+0x27/0x160\n  Read of size 4 at addr ffff88810103fc08 by task cifsd/923\n\n  CPU: 1 PID: 923 Comm: cifsd Not tainted 6.1.0-rc4+ #45\n  ...\n  Call Trace:\n   \u003CTASK>\n   dump_stack_lvl+0x34/0x44\n   print_report+0x171/0x472\n   kasan_report+0xad/0x130\n   kasan_check_range+0x145/0x1a0\n   smb2_is_network_name_deleted+0x27/0x160\n   cifs_demultiplex_thread.cold+0x172/0x5a4\n   kthread+0x165/0x1a0\n   ret_from_fork+0x1f/0x30\n   \u003C/TASK>\n\n  Allocated by task 923:\n   kasan_save_stack+0x1e/0x40\n   kasan_set_track+0x21/0x30\n   __kasan_slab_alloc+0x54/0x60\n   kmem_cache_alloc+0x147/0x320\n   mempool_alloc+0xe1/0x260\n   cifs_small_buf_get+0x24/0x60\n   allocate_buffers+0xa1/0x1c0\n   cifs_demultiplex_thread+0x199/0x10d0\n   kthread+0x165/0x1a0\n   ret_from_fork+0x1f/0x30\n\n  Freed by task 921:\n   kasan_save_stack+0x1e/0x40\n   kasan_set_track+0x21/0x30\n   kasan_save_free_info+0x2a/0x40\n   ____kasan_slab_free+0x143/0x1b0\n   kmem_cache_free+0xe3/0x4d0\n   cifs_small_buf_release+0x29/0x90\n   SMB2_negotiate+0x8b7/0x1c60\n   smb2_negotiate+0x51/0x70\n   cifs_negotiate_protocol+0xf0/0x160\n   cifs_get_smb_ses+0x5fa/0x13c0\n   mount_get_conns+0x7a/0x750\n   cifs_mount+0x103/0xd00\n   cifs_smb3_do_mount+0x1dd/0xcb0\n   smb3_get_tree+0x1d5/0x300\n   vfs_get_tree+0x41/0xf0\n   path_mount+0x9b3/0xdd0\n   __x64_sys_mount+0x190/0x1d0\n   do_syscall_64+0x35/0x80\n   entry_SYSCALL_64_after_hwframe+0x46/0xb0\n\nThe UAF is because:\n\n mount(pid: 921)               | cifsd(pid: 923)\n-------------------------------|-------------------------------\n                               | cifs_demultiplex_thread\nSMB2_negotiate                 |\n cifs_send_recv                |\n  compound_send_recv           |\n   smb_send_rqst               |\n    wait_for_response          |\n     wait_event_state      [1] |\n                               |  standard_receive3\n                               |   cifs_handle_standard\n                               |    handle_mid\n                               |     mid->resp_buf = buf;  [2]\n                               |     dequeue_mid           [3]\n     KILL the process      [4] |\n    resp_iov[i].iov_base = buf |\n free_rsp_buf              [5] |\n                               |   is_network_name_deleted [6]\n                               |   callback\n\n1. After send request to server, wait the response until\n    mid->mid_state != SUBMITTED;\n2. Receive response from server, and set it to mid;\n3. Set the mid state to RECEIVED;\n4. Kill the process, the mid state already RECEIVED, get 0;\n5. Handle and release the negotiate response;\n6. UAF.\n\nIt can be easily reproduce with add some delay in [3] - [6].\n\nOnly sync call has the problem since async call's callback is\nexecuted in cifsd process.\n\nAdd an extra state to mark the mid state to READY before wakeup the\nwaitter, then it can get the resp safely.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-416","Use After Free","The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory \"belongs\" to the code that operates on the new pointer.","weakness","Stable","Variant","High",[],[],[],[],[24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64],{"_key":25},"SUSE-SU-2024:1454-1",{"_key":27},"SUSE-SU-2024:1465-1",{"_key":29},"SUSE-SU-2024:1489-1",{"_key":31},"SUSE-SU-2025:0833-1",{"_key":33},"SUSE-SU-2025:0833-2",{"_key":35},"SUSE-SU-2025:0834-1",{"_key":37},"SUSE-SU-2025:0835-1",{"_key":39},"SUSE-SU-2025:0853-1",{"_key":41},"SUSE-SU-2025:0945-1",{"_key":43},"DLA-4178-1",{"_key":45},"DEBIAN-CVE-2023-52572",{"_key":47},"UBUNTU-CVE-2023-52572",{"_key":49},"USN-7654-1",{"_key":51},"USN-7654-2",{"_key":53},"USN-7654-3",{"_key":55},"USN-7654-4",{"_key":57},"USN-7654-5",{"_key":59},"USN-7655-1",{"_key":61},"USN-7686-1",{"_key":63},"USN-7123-1",{"_key":65},"USN-7194-1",[],[68,69,70,71,72,73,74,75,76],{"_key":25},{"_key":27},{"_key":29},{"_key":31},{"_key":33},{"_key":35},{"_key":37},{"_key":39},{"_key":41},"2024-03-02T21:59:41.980Z","2026-05-11T19:29:28.832Z","Analyzed",{"cisa_kev":81,"cisa_ransomware":81,"cisa_vendor":9,"epss_severity":82,"epss_score":83,"severity":84,"severity_score":85,"severity_version":86,"severity_source":87,"severity_vector":88,"severity_status":79},false,"low",0.00013,"high",7.8,"v3.1","nvd","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",[90,96,100,104,108,112,116],{"url":91,"sources":92,"tags":94},"https://git.kernel.org/stable/c/fe87e2d0e6265859c659a3ef1e2559a83c5e8e68",[93,87],"cve.org",[95],"Patch",{"url":97,"sources":98,"tags":99},"https://git.kernel.org/stable/c/99960d282fba6634fa758df4124cb73ef8a77d8a",[93,87],[95],{"url":101,"sources":102,"tags":103},"https://git.kernel.org/stable/c/ed3b36f351d97dacb62cd0f399e8cf79f73bd30a",[93,87],[95],{"url":105,"sources":106,"tags":107},"https://git.kernel.org/stable/c/908b3b5e97d25e879de3d1f172a255665491c2c3",[93,87],[95],{"url":109,"sources":110,"tags":111},"https://git.kernel.org/stable/c/76569e3819e0bb59fc19b1b8688b017e627c268a",[93,87],[95],{"url":113,"sources":114,"tags":115},"https://git.kernel.org/stable/c/d527f51331cace562393a8038d870b3e9916686f",[93,87],[95],{"url":117,"sources":118,"tags":119},"https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html",[93,87],[120,121],"Mailing List","Third Party Advisory",[],{"date":124,"score":83,"percentile":125},"2026-06-03",0.02092,[127,131,134,137,140,143,145,148,150,152,155,158,160,162,165,169,172,175,178,181,183,185,188,191,194,196,199,202,205,208,210,213,216,219,222,224,227,230,233,236,239,242,244,247,250,253,256,259,262,265,267,269,272,275,278,280,283,286,289,292,295,298,300,303,305,307,309,312,315,318,321,323,325,327,330,333,336,339,342,344,346,349,351,353,356,359,361,364,366,369],{"date":128,"score":129,"percentile":130},"2025-11-04",0.0001,0.00743,{"date":132,"score":129,"percentile":133},"2025-11-05",0.00746,{"date":135,"score":129,"percentile":136},"2025-11-06",0.00747,{"date":138,"score":129,"percentile":139},"2025-11-07",0.0075,{"date":141,"score":129,"percentile":142},"2025-11-08",0.00749,{"date":144,"score":129,"percentile":136},"2025-11-09",{"date":146,"score":129,"percentile":147},"2025-11-10",0.00742,{"date":149,"score":129,"percentile":130},"2025-11-11",{"date":151,"score":129,"percentile":147},"2025-11-12",{"date":153,"score":129,"percentile":154},"2025-11-13",0.00741,{"date":156,"score":129,"percentile":157},"2025-11-14",0.00745,{"date":159,"score":129,"percentile":136},"2025-11-15",{"date":161,"score":129,"percentile":133},"2025-11-16",{"date":163,"score":129,"percentile":164},"2025-11-17",0.00738,{"date":166,"score":167,"percentile":168},"2025-11-18",0.0009,0.2169,{"date":170,"score":167,"percentile":171},"2025-11-19",0.21702,{"date":173,"score":167,"percentile":174},"2025-11-20",0.21712,{"date":176,"score":129,"percentile":177},"2025-11-21",0.00754,{"date":179,"score":129,"percentile":180},"2025-11-22",0.00752,{"date":182,"score":129,"percentile":136},"2025-11-23",{"date":184,"score":129,"percentile":130},"2025-11-24",{"date":186,"score":129,"percentile":187},"2025-11-25",0.0074,{"date":189,"score":83,"percentile":190},"2025-11-26",0.01447,{"date":192,"score":83,"percentile":193},"2025-11-27",0.01446,{"date":195,"score":83,"percentile":190},"2025-11-28",{"date":197,"score":83,"percentile":198},"2025-11-29",0.01485,{"date":200,"score":83,"percentile":201},"2025-11-30",0.01496,{"date":203,"score":83,"percentile":204},"2025-12-01",0.01525,{"date":206,"score":83,"percentile":207},"2025-12-02",0.0152,{"date":209,"score":83,"percentile":207},"2025-12-03",{"date":211,"score":83,"percentile":212},"2025-12-04",0.01493,{"date":214,"score":83,"percentile":215},"2025-12-05",0.01503,{"date":217,"score":83,"percentile":218},"2025-12-06",0.01505,{"date":220,"score":83,"percentile":221},"2025-12-07",0.01499,{"date":223,"score":83,"percentile":221},"2025-12-08",{"date":225,"score":83,"percentile":226},"2025-12-09",0.01513,{"date":228,"score":83,"percentile":229},"2025-12-10",0.01528,{"date":231,"score":83,"percentile":232},"2025-12-11",0.01524,{"date":234,"score":83,"percentile":235},"2025-12-12",0.01527,{"date":237,"score":83,"percentile":238},"2025-12-13",0.01511,{"date":240,"score":83,"percentile":241},"2025-12-14",0.01504,{"date":243,"score":83,"percentile":221},"2025-12-15",{"date":245,"score":83,"percentile":246},"2025-12-16",0.01508,{"date":248,"score":83,"percentile":249},"2025-12-17",0.01517,{"date":251,"score":83,"percentile":252},"2025-12-18",0.016,{"date":254,"score":83,"percentile":255},"2025-12-19",0.01604,{"date":257,"score":83,"percentile":258},"2025-12-20",0.01606,{"date":260,"score":83,"percentile":261},"2025-12-21",0.0153,{"date":263,"score":83,"percentile":264},"2025-12-22",0.01531,{"date":266,"score":83,"percentile":229},"2025-12-23",{"date":268,"score":83,"percentile":264},"2025-12-24",{"date":270,"score":83,"percentile":271},"2025-12-25",0.01535,{"date":273,"score":83,"percentile":274},"2025-12-26",0.01539,{"date":276,"score":83,"percentile":277},"2025-12-27",0.01534,{"date":279,"score":83,"percentile":264},"2025-12-28",{"date":281,"score":83,"percentile":282},"2025-12-29",0.01523,{"date":284,"score":83,"percentile":285},"2025-12-30",0.01516,{"date":287,"score":83,"percentile":288},"2025-12-31",0.01514,{"date":290,"score":83,"percentile":291},"2026-01-01",0.01537,{"date":293,"score":83,"percentile":294},"2026-01-02",0.0154,{"date":296,"score":83,"percentile":297},"2026-01-03",0.01544,{"date":299,"score":83,"percentile":238},"2026-01-04",{"date":301,"score":83,"percentile":302},"2026-01-05",0.01519,{"date":304,"score":83,"percentile":226},"2026-01-06",{"date":306,"score":83,"percentile":207},"2026-01-07",{"date":308,"score":83,"percentile":277},"2026-01-08",{"date":310,"score":83,"percentile":311},"2026-01-09",0.01549,{"date":313,"score":83,"percentile":314},"2026-01-10",0.01559,{"date":316,"score":83,"percentile":317},"2026-01-11",0.01557,{"date":319,"score":83,"percentile":320},"2026-01-12",0.01538,{"date":322,"score":83,"percentile":271},"2026-01-13",{"date":324,"score":83,"percentile":294},"2026-01-14",{"date":326,"score":83,"percentile":311},"2026-01-15",{"date":328,"score":83,"percentile":329},"2026-01-16",0.01558,{"date":331,"score":83,"percentile":332},"2026-01-17",0.01562,{"date":334,"score":83,"percentile":335},"2026-01-18",0.01571,{"date":337,"score":83,"percentile":338},"2026-01-19",0.01561,{"date":340,"score":83,"percentile":341},"2026-01-20",0.01547,{"date":343,"score":83,"percentile":274},"2026-01-21",{"date":345,"score":83,"percentile":274},"2026-01-22",{"date":347,"score":83,"percentile":348},"2026-01-23",0.01552,{"date":350,"score":83,"percentile":329},"2026-01-24",{"date":352,"score":83,"percentile":317},"2026-01-25",{"date":354,"score":83,"percentile":355},"2026-01-26",0.01554,{"date":357,"score":83,"percentile":358},"2026-01-27",0.01545,{"date":360,"score":83,"percentile":274},"2026-01-28",{"date":362,"score":83,"percentile":363},"2026-01-29",0.01555,{"date":365,"score":83,"percentile":314},"2026-01-30",{"date":367,"score":83,"percentile":368},"2026-01-31",0.01576,{"date":370,"score":83,"percentile":252},"2026-02-01",[372],{"source":87,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":373,"cvss_v4_0":9},{"baseScore":85,"baseSeverity":374,"vectorString":88,"impactScore":375,"exploitabilityScore":376},"HIGH",9.8,4.6,[378,387,416],{"ecosystem":9,"name":379,"vendor":380,"product":381,"cpe_part":382,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":383},"debian linux","debian","debian_linux","o",[384],{"version":385,"is_range":81,"range_type":386,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"11.0","cpe",{"ecosystem":9,"name":388,"vendor":389,"product":389,"cpe_part":390,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":391},"Linux","linux","a",[392,399,402,405,408,411,414],{"version":393,"is_range":394,"range_type":93,"version_start":395,"version_start_type":396,"version_end":397,"version_end_type":398,"fixed_in":9},">= ec637e3ffb6b978143652477c7c5f96c9519b691, \u003C fe87e2d0e6265859c659a3ef1e2559a83c5e8e68",true,"ec637e3ffb6b978143652477c7c5f96c9519b691","including","fe87e2d0e6265859c659a3ef1e2559a83c5e8e68","excluding",{"version":400,"is_range":394,"range_type":93,"version_start":395,"version_start_type":396,"version_end":401,"version_end_type":398,"fixed_in":9},">= ec637e3ffb6b978143652477c7c5f96c9519b691, \u003C 99960d282fba6634fa758df4124cb73ef8a77d8a","99960d282fba6634fa758df4124cb73ef8a77d8a",{"version":403,"is_range":394,"range_type":93,"version_start":395,"version_start_type":396,"version_end":404,"version_end_type":398,"fixed_in":9},">= ec637e3ffb6b978143652477c7c5f96c9519b691, \u003C ed3b36f351d97dacb62cd0f399e8cf79f73bd30a","ed3b36f351d97dacb62cd0f399e8cf79f73bd30a",{"version":406,"is_range":394,"range_type":93,"version_start":395,"version_start_type":396,"version_end":407,"version_end_type":398,"fixed_in":9},">= ec637e3ffb6b978143652477c7c5f96c9519b691, \u003C 908b3b5e97d25e879de3d1f172a255665491c2c3","908b3b5e97d25e879de3d1f172a255665491c2c3",{"version":409,"is_range":394,"range_type":93,"version_start":395,"version_start_type":396,"version_end":410,"version_end_type":398,"fixed_in":9},">= ec637e3ffb6b978143652477c7c5f96c9519b691, \u003C 76569e3819e0bb59fc19b1b8688b017e627c268a","76569e3819e0bb59fc19b1b8688b017e627c268a",{"version":412,"is_range":394,"range_type":93,"version_start":395,"version_start_type":396,"version_end":413,"version_end_type":398,"fixed_in":9},">= ec637e3ffb6b978143652477c7c5f96c9519b691, \u003C d527f51331cace562393a8038d870b3e9916686f","d527f51331cace562393a8038d870b3e9916686f",{"version":415,"is_range":81,"range_type":93,"version_start":415,"version_start_type":396,"version_end":415,"version_end_type":396,"fixed_in":9},"2.6.16",{"ecosystem":9,"name":417,"vendor":389,"product":418,"cpe_part":382,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":419},"linux kernel","linux_kernel",[420,423,427,431,435,439,441],{"version":421,"is_range":394,"range_type":386,"version_start":415,"version_start_type":396,"version_end":422,"version_end_type":398,"fixed_in":9},"gte2.6.16_lt5.4.297","5.4.297",{"version":424,"is_range":394,"range_type":386,"version_start":425,"version_start_type":396,"version_end":426,"version_end_type":398,"fixed_in":9},"gte5.5_lt5.10.237","5.5","5.10.237",{"version":428,"is_range":394,"range_type":386,"version_start":429,"version_start_type":396,"version_end":430,"version_end_type":398,"fixed_in":9},"gte5.11_lt5.15.181","5.11","5.15.181",{"version":432,"is_range":394,"range_type":386,"version_start":433,"version_start_type":396,"version_end":434,"version_end_type":398,"fixed_in":9},"gte5.16_lt6.1.56","5.16","6.1.56",{"version":436,"is_range":394,"range_type":386,"version_start":437,"version_start_type":396,"version_end":438,"version_end_type":398,"fixed_in":9},"gte6.2_lt6.5.6","6.2","6.5.6",{"version":440,"is_range":81,"range_type":386,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.6:rc1",{"version":442,"is_range":81,"range_type":386,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.6:rc2"]