UBUNTU-CVE-2023-52629

Advisory lineage Upstream: 1 Downstream: 13

Upstream

CVE-2023-52629

Downstream

USN-6972-1 USN-6972-2 USN-6972-3 USN-6972-4 USN-6973-1 USN-6973-2

Published: 29 Mar 2024, 10:15

Last modified:03 Jun 2026, 13:36

Vulnerability Summary

Overall Risk (default)

medium

34/100

CVSS Score

8.4 HIGH

3.1 (osv_ubuntu)

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

29 Mar 2024, 10:15

Published

Vulnerability first disclosed

03 Jun 2026, 13:36

Last Modified

Vulnerability information updated

Description

In the Linux kernel, the following vulnerability has been resolved: sh: push-switch: Reorder cleanup operations to avoid use-after-free bug The original code puts flush_work() before timer_shutdown_sync() in switch_drv_remove(). Although we use flush_work() to stop the worker, it could be rescheduled in switch_timer(). As a result, a use-after-free bug can occur. The details are shown below: (cpu 0) | (cpu 1) switch_drv_remove() | flush_work() | ... | switch_timer // timer | schedule_work(&psw->work) timer_shutdown_sync() | ... | switch_work_handler // worker kfree(psw) // free | | psw->state = 0 // use This patch puts timer_shutdown_sync() before flush_work() to mitigate the bugs. As a result, the worker and timer will be stopped safely before the deallocate operations.

CVSS Metrics

v3.1•HIGH•Score: 8.4CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Systems

ubuntu•linux
all | < 4.4.0-258.292 | < 4.15.0-228.240 | < 5.4.0-193.213 | < 5.15.0-119.129
ubuntu•linux-allwinner-5.19
all
ubuntu•linux-aws
< 4.4.0-1135.141 | < 4.4.0-1173.188 | < 4.15.0-1172.185 | < 5.4.0-1131.141 | < 5.15.0-1068.74
ubuntu•linux-aws-5.0
all
ubuntu•linux-aws-5.11
all
ubuntu•linux-aws-5.13
all
ubuntu•linux-aws-5.15
< 5.15.0-1068.74~20.04.1
ubuntu•linux-aws-5.19
all
ubuntu•linux-aws-5.3
all
ubuntu•linux-aws-5.4
< 5.4.0-1131.141~18.04.1
ubuntu•linux-aws-5.8
all
ubuntu•linux-aws-6.2
all
ubuntu•linux-aws-6.5
all
ubuntu•linux-aws-fips
< 4.15.0-2110.116 | all | < 5.4.0-1131.141+fips1 | < 5.15.0-1068.74+fips1
ubuntu•linux-aws-hwe
< 4.15.0-1172.185~16.04.1
ubuntu•linux-azure
< 4.15.0-1180.195~14.04.1 | < 4.15.0-1180.195~16.04.1 | all | < 5.4.0-1136.143 | < 5.15.0-1071.80
ubuntu•linux-azure-4.15
< 4.15.0-1180.195
ubuntu•linux-azure-5.11
all
ubuntu•linux-azure-5.13
all
ubuntu•linux-azure-5.15
< 5.15.0-1071.80~20.04.1
ubuntu•linux-azure-5.19
all
ubuntu•linux-azure-5.3
all
ubuntu•linux-azure-5.4
< 5.4.0-1136.143~18.04.1
ubuntu•linux-azure-5.8
all
ubuntu•linux-azure-6.2
all
ubuntu•linux-azure-6.5
all
ubuntu•linux-azure-edge
all
ubuntu•linux-azure-fde
all | < 5.15.0-1071.80.1 | all
ubuntu•linux-azure-fde-5.19
all
ubuntu•linux-azure-fde-6.2
all
ubuntu•linux-azure-fde-6.8
all
ubuntu•linux-azure-fips
< 4.15.0-2089.95 | all | < 5.4.0-1136.143+fips1 | < 5.15.0-1071.80+fips1
ubuntu•linux-bluefield
< 5.15.0-1051.53 | < 5.4.0-1091.98 | < 5.15.0-1051.53 | all
ubuntu•linux-fips
< 4.4.0-1104.111 | all | < 4.15.0-1126.137 | < 5.4.0-1105.115 | < 5.15.0-119.129+fips1
ubuntu•linux-gcp
< 4.15.0-1165.182~16.04.1 | all | < 5.4.0-1135.144 | < 5.15.0-1067.75
ubuntu•linux-gcp-4.15
< 4.15.0-1165.182
ubuntu•linux-gcp-5.11
all
ubuntu•linux-gcp-5.13
all
ubuntu•linux-gcp-5.15
< 5.15.0-1067.75~20.04.1
ubuntu•linux-gcp-5.19
all
ubuntu•linux-gcp-5.3
all
ubuntu•linux-gcp-5.4
< 5.4.0-1135.144~18.04.1
ubuntu•linux-gcp-5.8
all
ubuntu•linux-gcp-6.2
all
ubuntu•linux-gcp-6.5
all
ubuntu•linux-gcp-fips
< 4.15.0-2073.78 | all | < 5.4.0-1135.144+fips1 | < 5.15.0-1067.75+fips1
ubuntu•linux-gke
all | < 5.15.0-1065.71
ubuntu•linux-gke-4.15
all
ubuntu•linux-gke-5.15
all
ubuntu•linux-gke-5.4
all

Showing first 50 affected entries in server-rendered view.