CVE-2023-53047

Advisory lineage Upstream: 0 Downstream: 7
Analyzed
Published: 02 May 2025, 15:55
Last modified: 11 May 2026, 19:37

Vulnerability Summary

  • Overall Risk (default): low, 19/100
  • CVSS Score: 4.7 MEDIUM, v3.1 (nvd)
  • EPSS Score: 0.05% LOW (0% probability +0.03%)
  • KEV: Not listed
  • Ransomware: No reports
  • Public exploits: None found
  • Dark Web: Not detected

Timeline

  • 02 May 2025, 15:55: Published (vulnerability first disclosed)
  • 11 May 2026, 19:37: Last Modified (vulnerability information updated)

Description

In the Linux kernel, the following vulnerability has been resolved:

tee: amdtee: fix race condition in amdtee_open_session

There is a potential race condition in amdtee_open_session that may lead to use-after-free. For instance, in amdtee_open_session() after sess->sess_mask is set, and before setting:

    sess->session_info[i] = session_info;

if amdtee_close_session() closes this same session, then 'sess' data structure will be released, causing kernel panic when 'sess' is accessed within amdtee_open_session().

The solution is to set the bit sess->sess_mask as the last step in amdtee_open_session().
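The ordering problem described above, as an added user-space model that is not the kernel driver's code: `model_open`, `model_close`, `race_hits_released_session`, the `released` flag and the rule that closing the last slot frees `sess` are assumptions made for illustration. The concurrent close is placed deterministically inside the window instead of using threads, so the outcome for each ordering is reproducible.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified user-space model; field names follow the advisory text. */
struct session {
    uint32_t sess_mask;          /* bit i set: slot i is visible to close */
    uint32_t session_info[32];
    bool released;               /* stands in for freeing 'sess' */
};

/* Close path: acts only on a slot whose bit is set in sess_mask. */
static bool model_close(struct session *sess, int i)
{
    if (!(sess->sess_mask & (1u << i)))
        return false;            /* slot not published: nothing to release */
    sess->sess_mask &= ~(1u << i);
    if (sess->sess_mask == 0)
        sess->released = true;   /* assumption: last slot closed frees 'sess' */
    return true;
}

/* Open with a close placed inside the window; true if 'sess' is touched after release. */
static bool model_open(struct session *sess, int i, uint32_t info, bool mask_last)
{
    if (!mask_last)
        sess->sess_mask |= 1u << i;   /* pre-fix order: bit set first */
    model_close(sess, i);             /* concurrent close lands here */
    if (sess->released)
        return true;                  /* next write would be a use-after-free */
    sess->session_info[i] = info;
    if (mask_last)
        sess->sess_mask |= 1u << i;   /* fixed order: bit set as the last step */
    return false;
}

/* Runs one open/close interleaving on a fresh session. */
bool race_hits_released_session(bool mask_last)
{
    struct session sess = {0};
    return model_open(&sess, 0, 0x1234u, mask_last);
}

int main(void)
{
    printf("bit set first: %d\n", race_hits_released_session(false));
    printf("bit set last:  %d\n", race_hits_released_session(true));
    return 0;
}
```

With the bit set last, the close path finds no published slot during the window and leaves `sess` alone, which is the behaviour the fix relies on.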

CVSS Metrics

  • v3.1, MEDIUM, Score: 4.7, CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS Trends

Current EPSS score: 0.05% Percentile: 15%

Techniques & Countermeasures

  • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

    The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.

Affected Systems

  • linux / linux

    ≥ 757cc3e9ff1d72d014096399d6e2bf03974d9da1, < f632a90f8e39db39b322107b9a8d438b826a7f4f | ≥ 757cc3e9ff1d72d014096399d6e2bf03974d9da1, < 02b296978a2137d7128151c542e84dc96400bc00 | ≥ 757cc3e9ff1d72d014096399d6e2bf03974d9da1, < a63cce9393e4e7dbc5af82dc87e68cb321cb1a78 | ≥ 757cc3e9ff1d72d014096399d6e2bf03974d9da1, < b3ef9e6fe09f1a132af28c623edcf4d4f39d9f35 | ≥ 757cc3e9ff1d72d014096399d6e2bf03974d9da1, < f8502fba45bd30e1a6a354d9d898bc99d1a11e6d | 5.6

  • linux / linux_kernel

    ≥ 5.6, < 5.10.177 | ≥ 5.11, < 5.15.105 | ≥ 5.16, < 6.1.22 | ≥ 6.2, < 6.2.9 | 6.3:rc1 | 6.3:rc2 | 6.3:rc3

References (5)