[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2023-52975":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T08:53:30.047Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":20,"aliases":21,"duplicate_of":9,"upstream":22,"downstream":23,"duplicates":76,"related":77,"reserved_at":9,"published_at":83,"modified_at":84,"state":85,"summary":86,"references_raw":95,"kevs":114,"epss":115,"epss_history":118,"metrics":386,"affected":394},"CVE-2023-52975","In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: iscsi_tcp: Fix UAF during logout when accessing the shost ipaddress\n\nBug report and analysis from Ding Hui.\n\nDuring iSCSI session logout, if another task accesses the shost ipaddress\nattr, we can get a KASAN UAF report like this:\n\n[  276.942144] BUG: KASAN: use-after-free in _raw_spin_lock_bh+0x78/0xe0\n[  276.942535] Write of size 4 at addr ffff8881053b45b8 by task cat/4088\n[  276.943511] CPU: 2 PID: 4088 Comm: cat Tainted: G            E      6.1.0-rc8+ #3\n[  276.943997] Hardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020\n[  276.944470] Call Trace:\n[  276.944943]  \u003CTASK>\n[  276.945397]  dump_stack_lvl+0x34/0x48\n[  276.945887]  print_address_description.constprop.0+0x86/0x1e7\n[  276.946421]  print_report+0x36/0x4f\n[  276.947358]  kasan_report+0xad/0x130\n[  276.948234]  kasan_check_range+0x35/0x1c0\n[  276.948674]  _raw_spin_lock_bh+0x78/0xe0\n[  276.949989]  iscsi_sw_tcp_host_get_param+0xad/0x2e0 [iscsi_tcp]\n[  276.951765]  show_host_param_ISCSI_HOST_PARAM_IPADDRESS+0xe9/0x130 [scsi_transport_iscsi]\n[  276.952185]  dev_attr_show+0x3f/0x80\n[  276.953005]  sysfs_kf_seq_show+0x1fb/0x3e0\n[  276.953401]  seq_read_iter+0x402/0x1020\n[  276.954260]  vfs_read+0x532/0x7b0\n[  276.955113]  ksys_read+0xed/0x1c0\n[  276.955952]  do_syscall_64+0x38/0x90\n[  276.956347]  entry_SYSCALL_64_after_hwframe+0x63/0xcd\n[  276.956769] RIP: 0033:0x7f5d3a679222\n[  276.957161] Code: c0 e9 b2 fe ff ff 50 48 8d 3d 32 c0 0b 00 e8 a5 fe 01 00 0f 1f 44 00 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 0f 05 \u003C48> 3d 00 f0 ff ff 77 56 c3 0f 1f 44 00 00 48 83 ec 28 48 89 54 24\n[  276.958009] RSP: 002b:00007ffc864d16a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000\n[  276.958431] RAX: ffffffffffffffda RBX: 0000000000020000 RCX: 00007f5d3a679222\n[  276.958857] RDX: 0000000000020000 RSI: 00007f5d3a4fe000 RDI: 0000000000000003\n[  276.959281] RBP: 00007f5d3a4fe000 R08: 00000000ffffffff R09: 0000000000000000\n[  276.959682] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000020000\n[  276.960126] R13: 0000000000000003 R14: 0000000000000000 R15: 0000557a26dada58\n[  276.960536]  \u003C/TASK>\n[  276.961357] Allocated by task 2209:\n[  276.961756]  kasan_save_stack+0x1e/0x40\n[  276.962170]  kasan_set_track+0x21/0x30\n[  276.962557]  __kasan_kmalloc+0x7e/0x90\n[  276.962923]  __kmalloc+0x5b/0x140\n[  276.963308]  iscsi_alloc_session+0x28/0x840 [scsi_transport_iscsi]\n[  276.963712]  iscsi_session_setup+0xda/0xba0 [libiscsi]\n[  276.964078]  iscsi_sw_tcp_session_create+0x1fd/0x330 [iscsi_tcp]\n[  276.964431]  iscsi_if_create_session.isra.0+0x50/0x260 [scsi_transport_iscsi]\n[  276.964793]  iscsi_if_recv_msg+0xc5a/0x2660 [scsi_transport_iscsi]\n[  276.965153]  iscsi_if_rx+0x198/0x4b0 [scsi_transport_iscsi]\n[  276.965546]  netlink_unicast+0x4d5/0x7b0\n[  276.965905]  netlink_sendmsg+0x78d/0xc30\n[  276.966236]  sock_sendmsg+0xe5/0x120\n[  276.966576]  ____sys_sendmsg+0x5fe/0x860\n[  276.966923]  ___sys_sendmsg+0xe0/0x170\n[  276.967300]  __sys_sendmsg+0xc8/0x170\n[  276.967666]  do_syscall_64+0x38/0x90\n[  276.968028]  entry_SYSCALL_64_after_hwframe+0x63/0xcd\n[  276.968773] Freed by task 2209:\n[  276.969111]  kasan_save_stack+0x1e/0x40\n[  276.969449]  kasan_set_track+0x21/0x30\n[  276.969789]  kasan_save_free_info+0x2a/0x50\n[  276.970146]  __kasan_slab_free+0x106/0x190\n[  276.970470]  __kmem_cache_free+0x133/0x270\n[  276.970816]  device_release+0x98/0x210\n[  276.971145]  kobject_cleanup+0x101/0x360\n[  276.971462]  iscsi_session_teardown+0x3fb/0x530 [libiscsi]\n[  276.971775]  iscsi_sw_tcp_session_destroy+0xd8/0x130 [iscsi_tcp]\n[  276.972143]  iscsi_if_recv_msg+0x1bf1/0x2660 [scsi_transport_iscsi]\n[  276.972485]  iscsi_if_rx+0x198/0x4b0 [scsi_transport_iscsi]\n[  276.972808]  netlink_unicast+0x4d5/0x7b0\n[  276.973201]  netlink_sendmsg+0x78d/0xc30\n[  276.973544]  sock_sendmsg+0xe5/0x120\n[  276.973864]  ____sys_sendmsg+0x5fe/0x860\n[  276.974248]  ___sys_\n---truncated---",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-416","Use After Free","The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory \"belongs\" to the code that operates on the new pointer.","weakness","Stable","Variant","High",[],[],[],[],[24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74],{"_key":25},"SUSE-SU-2025:01983-1",{"_key":27},"SUSE-SU-2025:1176-1",{"_key":29},"SUSE-SU-2025:1183-1",{"_key":31},"SUSE-SU-2025:1195-1",{"_key":33},"SUSE-SU-2025:1241-1",{"_key":35},"DLA-4475-1",{"_key":37},"DEBIAN-CVE-2023-52975",{"_key":39},"RHSA-2024:0431",{"_key":41},"RHSA-2024:0432",{"_key":43},"RHSA-2024:0575",{"_key":45},"UBUNTU-CVE-2023-52975",{"_key":47},"USN-7684-1",{"_key":49},"USN-7684-2",{"_key":51},"USN-7684-3",{"_key":53},"USN-7685-1",{"_key":55},"USN-7685-2",{"_key":57},"USN-7685-3",{"_key":59},"USN-7685-4",{"_key":61},"USN-7685-5",{"_key":63},"USN-7701-1",{"_key":65},"USN-7701-2",{"_key":67},"USN-7701-3",{"_key":69},"USN-7819-1",{"_key":71},"USN-7819-2",{"_key":73},"USN-7832-1",{"_key":75},"USN-7911-1",[],[78,79,80,81,82],{"_key":25},{"_key":27},{"_key":29},{"_key":31},{"_key":33},"2025-03-27T16:43:15.322Z","2026-05-11T19:36:14.101Z","Analyzed",{"cisa_kev":87,"cisa_ransomware":87,"cisa_vendor":9,"epss_severity":88,"epss_score":89,"severity":90,"severity_score":91,"severity_version":92,"severity_source":93,"severity_vector":94,"severity_status":85},false,"low",0.0002,"high",7.8,"v3.1","cve.org","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",[96,102,106,110],{"url":97,"sources":98,"tags":100},"https://git.kernel.org/stable/c/0af745fddefbd56198f4f35eb309215ee5f9e21e",[93,99],"nvd",[101],"Patch",{"url":103,"sources":104,"tags":105},"https://git.kernel.org/stable/c/17b738590b97fb3fc287289971d1519ff9b875a1",[93,99],[101],{"url":107,"sources":108,"tags":109},"https://git.kernel.org/stable/c/8859687f5b242c0b057461df0a9ff51d5500783b",[93,99],[101],{"url":111,"sources":112,"tags":113},"https://git.kernel.org/stable/c/6f1d64b13097e85abda0f91b5638000afc5f9a06",[93,99],[101],[],{"date":116,"score":89,"percentile":117},"2026-06-03",0.05891,[119,123,126,129,132,135,138,141,144,146,148,151,154,156,159,163,166,169,172,175,178,181,184,187,190,193,196,200,203,206,209,212,215,218,221,224,227,230,234,237,240,243,246,249,252,255,257,259,263,266,269,272,275,278,282,285,288,291,294,297,300,303,306,309,312,315,318,321,324,327,330,333,335,337,339,342,344,346,349,353,356,359,362,365,368,371,374,377,380,383],{"date":120,"score":121,"percentile":122},"2025-11-04",0.00011,0.01033,{"date":124,"score":121,"percentile":125},"2025-11-05",0.01047,{"date":127,"score":121,"percentile":128},"2025-11-06",0.01057,{"date":130,"score":121,"percentile":131},"2025-11-07",0.0106,{"date":133,"score":121,"percentile":134},"2025-11-08",0.01063,{"date":136,"score":121,"percentile":137},"2025-11-09",0.01062,{"date":139,"score":121,"percentile":140},"2025-11-10",0.01052,{"date":142,"score":121,"percentile":143},"2025-11-11",0.01055,{"date":145,"score":121,"percentile":140},"2025-11-12",{"date":147,"score":121,"percentile":143},"2025-11-13",{"date":149,"score":121,"percentile":150},"2025-11-14",0.01068,{"date":152,"score":121,"percentile":153},"2025-11-15",0.01084,{"date":155,"score":121,"percentile":153},"2025-11-16",{"date":157,"score":121,"percentile":158},"2025-11-17",0.01079,{"date":160,"score":161,"percentile":162},"2025-11-18",0.00024,0.03042,{"date":164,"score":161,"percentile":165},"2025-11-19",0.03094,{"date":167,"score":161,"percentile":168},"2025-11-20",0.03159,{"date":170,"score":121,"percentile":171},"2025-11-21",0.01127,{"date":173,"score":121,"percentile":174},"2025-11-22",0.01125,{"date":176,"score":121,"percentile":177},"2025-11-23",0.01115,{"date":179,"score":121,"percentile":180},"2025-11-24",0.01111,{"date":182,"score":121,"percentile":183},"2025-11-25",0.01104,{"date":185,"score":121,"percentile":186},"2025-11-26",0.01039,{"date":188,"score":121,"percentile":189},"2025-11-27",0.01037,{"date":191,"score":121,"percentile":192},"2025-11-28",0.01043,{"date":194,"score":121,"percentile":195},"2025-11-29",0.01075,{"date":197,"score":198,"percentile":199},"2025-11-30",0.00012,0.01143,{"date":201,"score":198,"percentile":202},"2025-12-01",0.01176,{"date":204,"score":198,"percentile":205},"2025-12-02",0.0117,{"date":207,"score":198,"percentile":208},"2025-12-03",0.01175,{"date":210,"score":198,"percentile":211},"2025-12-04",0.01146,{"date":213,"score":198,"percentile":214},"2025-12-05",0.0116,{"date":216,"score":198,"percentile":217},"2025-12-06",0.01303,{"date":219,"score":198,"percentile":220},"2025-12-07",0.01301,{"date":222,"score":198,"percentile":223},"2025-12-08",0.01165,{"date":225,"score":198,"percentile":226},"2025-12-09",0.01178,{"date":228,"score":198,"percentile":229},"2025-12-10",0.01192,{"date":231,"score":232,"percentile":233},"2025-12-11",0.00014,0.02016,{"date":235,"score":232,"percentile":236},"2025-12-12",0.02021,{"date":238,"score":232,"percentile":239},"2025-12-13",0.02004,{"date":241,"score":232,"percentile":242},"2025-12-14",0.02006,{"date":244,"score":232,"percentile":245},"2025-12-15",0.01996,{"date":247,"score":232,"percentile":248},"2025-12-16",0.01993,{"date":250,"score":232,"percentile":251},"2025-12-17",0.02007,{"date":253,"score":232,"percentile":254},"2025-12-18",0.02005,{"date":256,"score":232,"percentile":242},"2025-12-19",{"date":258,"score":232,"percentile":251},"2025-12-20",{"date":260,"score":261,"percentile":262},"2025-12-21",0.00016,0.02719,{"date":264,"score":261,"percentile":265},"2025-12-22",0.02721,{"date":267,"score":261,"percentile":268},"2025-12-23",0.02724,{"date":270,"score":261,"percentile":271},"2025-12-24",0.02726,{"date":273,"score":261,"percentile":274},"2025-12-25",0.02733,{"date":276,"score":261,"percentile":277},"2025-12-26",0.02736,{"date":279,"score":280,"percentile":281},"2025-12-27",0.00019,0.04435,{"date":283,"score":261,"percentile":284},"2025-12-28",0.0273,{"date":286,"score":261,"percentile":287},"2025-12-29",0.0272,{"date":289,"score":261,"percentile":290},"2025-12-30",0.02718,{"date":292,"score":261,"percentile":293},"2025-12-31",0.02713,{"date":295,"score":261,"percentile":296},"2026-01-01",0.02774,{"date":298,"score":261,"percentile":299},"2026-01-02",0.02771,{"date":301,"score":261,"percentile":302},"2026-01-03",0.02769,{"date":304,"score":261,"percentile":305},"2026-01-04",0.02702,{"date":307,"score":261,"percentile":308},"2026-01-05",0.02708,{"date":310,"score":261,"percentile":311},"2026-01-06",0.02704,{"date":313,"score":261,"percentile":314},"2026-01-07",0.02723,{"date":316,"score":261,"percentile":317},"2026-01-08",0.02752,{"date":319,"score":261,"percentile":320},"2026-01-09",0.02763,{"date":322,"score":261,"percentile":323},"2026-01-10",0.02764,{"date":325,"score":261,"percentile":326},"2026-01-11",0.02775,{"date":328,"score":261,"percentile":329},"2026-01-12",0.02732,{"date":331,"score":261,"percentile":332},"2026-01-13",0.02725,{"date":334,"score":261,"percentile":284},"2026-01-14",{"date":336,"score":261,"percentile":265},"2026-01-15",{"date":338,"score":261,"percentile":287},"2026-01-16",{"date":340,"score":261,"percentile":341},"2026-01-17",0.02722,{"date":343,"score":261,"percentile":332},"2026-01-18",{"date":345,"score":261,"percentile":290},"2026-01-19",{"date":347,"score":89,"percentile":348},"2026-01-20",0.0439,{"date":350,"score":351,"percentile":352},"2026-01-21",0.00054,0.17014,{"date":354,"score":351,"percentile":355},"2026-01-22",0.16949,{"date":357,"score":351,"percentile":358},"2026-01-23",0.17045,{"date":360,"score":351,"percentile":361},"2026-01-24",0.17073,{"date":363,"score":351,"percentile":364},"2026-01-25",0.17006,{"date":366,"score":351,"percentile":367},"2026-01-26",0.16907,{"date":369,"score":351,"percentile":370},"2026-01-27",0.16897,{"date":372,"score":351,"percentile":373},"2026-01-28",0.16895,{"date":375,"score":351,"percentile":376},"2026-01-29",0.16873,{"date":378,"score":351,"percentile":379},"2026-01-30",0.16888,{"date":381,"score":351,"percentile":382},"2026-01-31",0.16902,{"date":384,"score":351,"percentile":385},"2026-02-01",0.16931,[387,392],{"source":93,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":388,"cvss_v4_0":9},{"baseScore":91,"baseSeverity":389,"vectorString":94,"impactScore":390,"exploitabilityScore":391},"HIGH",9.8,4.6,{"source":99,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":393,"cvss_v4_0":9},{"baseScore":91,"baseSeverity":389,"vectorString":94,"impactScore":390,"exploitabilityScore":391},[395,418],{"ecosystem":9,"name":396,"vendor":397,"product":397,"cpe_part":398,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":399},"Linux","linux","a",[400,407,410,413,416],{"version":401,"is_range":402,"range_type":93,"version_start":403,"version_start_type":404,"version_end":405,"version_end_type":406,"fixed_in":9},">= a79af8a64d395bd89de8695a5ea5e1a7f01f02a8, \u003C 0af745fddefbd56198f4f35eb309215ee5f9e21e",true,"a79af8a64d395bd89de8695a5ea5e1a7f01f02a8","including","0af745fddefbd56198f4f35eb309215ee5f9e21e","excluding",{"version":408,"is_range":402,"range_type":93,"version_start":403,"version_start_type":404,"version_end":409,"version_end_type":406,"fixed_in":9},">= a79af8a64d395bd89de8695a5ea5e1a7f01f02a8, \u003C 17b738590b97fb3fc287289971d1519ff9b875a1","17b738590b97fb3fc287289971d1519ff9b875a1",{"version":411,"is_range":402,"range_type":93,"version_start":403,"version_start_type":404,"version_end":412,"version_end_type":406,"fixed_in":9},">= a79af8a64d395bd89de8695a5ea5e1a7f01f02a8, \u003C 8859687f5b242c0b057461df0a9ff51d5500783b","8859687f5b242c0b057461df0a9ff51d5500783b",{"version":414,"is_range":402,"range_type":93,"version_start":403,"version_start_type":404,"version_end":415,"version_end_type":406,"fixed_in":9},">= a79af8a64d395bd89de8695a5ea5e1a7f01f02a8, \u003C 6f1d64b13097e85abda0f91b5638000afc5f9a06","6f1d64b13097e85abda0f91b5638000afc5f9a06",{"version":417,"is_range":87,"range_type":93,"version_start":417,"version_start_type":404,"version_end":417,"version_end_type":404,"fixed_in":9},"2.6.39",{"ecosystem":9,"name":419,"vendor":397,"product":420,"cpe_part":421,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":422},"linux kernel","linux_kernel","o",[423,427,430,433,437,439,441,443,445],{"version":424,"is_range":402,"range_type":425,"version_start":9,"version_start_type":9,"version_end":426,"version_end_type":406,"fixed_in":9},"lt5.15.93","cpe","5.15.93",{"version":428,"is_range":402,"range_type":425,"version_start":9,"version_start_type":9,"version_end":429,"version_end_type":406,"fixed_in":9},"lt5.10.248","5.10.248",{"version":431,"is_range":402,"range_type":425,"version_start":432,"version_start_type":404,"version_end":426,"version_end_type":406,"fixed_in":9},"gte5.11_lt5.15.93","5.11",{"version":434,"is_range":402,"range_type":425,"version_start":435,"version_start_type":404,"version_end":436,"version_end_type":406,"fixed_in":9},"gte5.16_lt6.1.11","5.16","6.1.11",{"version":438,"is_range":87,"range_type":425,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.2:rc1",{"version":440,"is_range":87,"range_type":425,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.2:rc2",{"version":442,"is_range":87,"range_type":425,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.2:rc3",{"version":444,"is_range":87,"range_type":425,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.2:rc4",{"version":446,"is_range":87,"range_type":425,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.2:rc5"]