vulnerability
Ubuntu: (Multiple Advisories) (CVE-2023-52629): Linux kernel vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:L/Au:N/C:C/I:C/A:C) | Mar 29, 2024 | Aug 22, 2024 | Aug 18, 2025 |
Severity
7
CVSS
(AV:L/AC:L/Au:N/C:C/I:C/A:C)
Published
Mar 29, 2024
Added
Aug 22, 2024
Modified
Aug 18, 2025
Description
In the Linux kernel, the following vulnerability has been resolved:
sh: push-switch: Reorder cleanup operations to avoid use-after-free bug
The original code puts flush_work() before timer_shutdown_sync()
in switch_drv_remove(). Although we use flush_work() to stop
the worker, it could be rescheduled in switch_timer(). As a result,
a use-after-free bug can occur. The details are shown below:
(cpu 0) | (cpu 1)
switch_drv_remove() |
flush_work() |
... | switch_timer // timer
| schedule_work(&psw->work)
timer_shutdown_sync() |
... | switch_work_handler // worker
kfree(psw) // free |
| psw->state = 0 // use
This patch puts timer_shutdown_sync() before flush_work() to
mitigate the bugs. As a result, the worker and timer will be
stopped safely before the deallocate operations.
Solutions
ubuntu-upgrade-linux-image-4-15-0-1134-oracleubuntu-upgrade-linux-image-4-15-0-1155-kvmubuntu-upgrade-linux-image-4-15-0-1165-gcpubuntu-upgrade-linux-image-4-15-0-1172-awsubuntu-upgrade-linux-image-4-15-0-1180-azureubuntu-upgrade-linux-image-4-15-0-228-genericubuntu-upgrade-linux-image-4-15-0-228-lowlatencyubuntu-upgrade-linux-image-4-4-0-1135-awsubuntu-upgrade-linux-image-4-4-0-1136-kvmubuntu-upgrade-linux-image-4-4-0-1173-awsubuntu-upgrade-linux-image-4-4-0-258-genericubuntu-upgrade-linux-image-4-4-0-258-lowlatencyubuntu-upgrade-linux-image-5-15-0-1035-xilinx-zynqmpubuntu-upgrade-linux-image-5-15-0-1051-gkeopubuntu-upgrade-linux-image-5-15-0-1061-ibmubuntu-upgrade-linux-image-5-15-0-1061-raspiubuntu-upgrade-linux-image-5-15-0-1063-intel-iotgubuntu-upgrade-linux-image-5-15-0-1063-nvidiaubuntu-upgrade-linux-image-5-15-0-1063-nvidia-lowlatencyubuntu-upgrade-linux-image-5-15-0-1065-gkeubuntu-upgrade-linux-image-5-15-0-1065-kvmubuntu-upgrade-linux-image-5-15-0-1066-oracleubuntu-upgrade-linux-image-5-15-0-1067-gcpubuntu-upgrade-linux-image-5-15-0-1068-awsubuntu-upgrade-linux-image-5-15-0-1071-azureubuntu-upgrade-linux-image-5-15-0-1071-azure-fdeubuntu-upgrade-linux-image-5-15-0-119-genericubuntu-upgrade-linux-image-5-15-0-119-generic-64kubuntu-upgrade-linux-image-5-15-0-119-generic-lpaeubuntu-upgrade-linux-image-5-15-0-119-lowlatencyubuntu-upgrade-linux-image-5-15-0-119-lowlatency-64kubuntu-upgrade-linux-image-5-4-0-1043-iotubuntu-upgrade-linux-image-5-4-0-1050-xilinx-zynqmpubuntu-upgrade-linux-image-5-4-0-1078-ibmubuntu-upgrade-linux-image-5-4-0-1091-bluefieldubuntu-upgrade-linux-image-5-4-0-1098-gkeopubuntu-upgrade-linux-image-5-4-0-1115-raspiubuntu-upgrade-linux-image-5-4-0-1119-kvmubuntu-upgrade-linux-image-5-4-0-1130-oracleubuntu-upgrade-linux-image-5-4-0-1131-awsubuntu-upgrade-linux-image-5-4-0-1135-gcpubuntu-upgrade-linux-image-5-4-0-1136-azureubuntu-upgrade-linux-image-5-4-0-193-genericubuntu-upgrade-linux-image-5-4-0-193-generic-lpaeubuntu-upgrade-linux-image-5-4-0-193-lowlatencyubuntu-upgrade-linux-image-awsubuntu-upgrade-linux-image-aws-hweubuntu-upgrade-linux-image-aws-lts-18-04ubuntu-upgrade-linux-image-aws-lts-20-04ubuntu-upgrade-linux-image-aws-lts-22-04ubuntu-upgrade-linux-image-azureubuntu-upgrade-linux-image-azure-cvmubuntu-upgrade-linux-image-azure-fdeubuntu-upgrade-linux-image-azure-fde-lts-22-04ubuntu-upgrade-linux-image-azure-lts-18-04ubuntu-upgrade-linux-image-azure-lts-20-04ubuntu-upgrade-linux-image-azure-lts-22-04ubuntu-upgrade-linux-image-bluefieldubuntu-upgrade-linux-image-gcpubuntu-upgrade-linux-image-gcp-lts-18-04ubuntu-upgrade-linux-image-gcp-lts-20-04ubuntu-upgrade-linux-image-gcp-lts-22-04ubuntu-upgrade-linux-image-genericubuntu-upgrade-linux-image-generic-64kubuntu-upgrade-linux-image-generic-64k-hwe-20-04ubuntu-upgrade-linux-image-generic-hwe-16-04ubuntu-upgrade-linux-image-generic-hwe-18-04ubuntu-upgrade-linux-image-generic-hwe-20-04ubuntu-upgrade-linux-image-generic-lpaeubuntu-upgrade-linux-image-generic-lpae-hwe-20-04ubuntu-upgrade-linux-image-generic-lts-xenialubuntu-upgrade-linux-image-gkeubuntu-upgrade-linux-image-gke-5-15ubuntu-upgrade-linux-image-gkeopubuntu-upgrade-linux-image-gkeop-5-15ubuntu-upgrade-linux-image-gkeop-5-4ubuntu-upgrade-linux-image-ibmubuntu-upgrade-linux-image-ibm-lts-20-04ubuntu-upgrade-linux-image-intelubuntu-upgrade-linux-image-intel-iotgubuntu-upgrade-linux-image-kvmubuntu-upgrade-linux-image-lowlatencyubuntu-upgrade-linux-image-lowlatency-64kubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04ubuntu-upgrade-linux-image-lowlatency-hwe-16-04ubuntu-upgrade-linux-image-lowlatency-hwe-18-04ubuntu-upgrade-linux-image-lowlatency-hwe-20-04ubuntu-upgrade-linux-image-lowlatency-lts-xenialubuntu-upgrade-linux-image-nvidiaubuntu-upgrade-linux-image-nvidia-lowlatencyubuntu-upgrade-linux-image-oemubuntu-upgrade-linux-image-oem-20-04ubuntu-upgrade-linux-image-oem-20-04bubuntu-upgrade-linux-image-oem-20-04cubuntu-upgrade-linux-image-oem-20-04dubuntu-upgrade-linux-image-oem-osp1ubuntu-upgrade-linux-image-oracleubuntu-upgrade-linux-image-oracle-lts-18-04ubuntu-upgrade-linux-image-oracle-lts-20-04ubuntu-upgrade-linux-image-oracle-lts-22-04ubuntu-upgrade-linux-image-raspiubuntu-upgrade-linux-image-raspi-hwe-18-04ubuntu-upgrade-linux-image-raspi-nolpaeubuntu-upgrade-linux-image-raspi2ubuntu-upgrade-linux-image-snapdragon-hwe-18-04ubuntu-upgrade-linux-image-virtualubuntu-upgrade-linux-image-virtual-hwe-16-04ubuntu-upgrade-linux-image-virtual-hwe-18-04ubuntu-upgrade-linux-image-virtual-hwe-20-04ubuntu-upgrade-linux-image-virtual-lts-xenialubuntu-upgrade-linux-image-xilinx-zynqmp
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.