#VU106173 Use-after-free in Linux kernel - CVE-2023-52973


Vulnerability identifier: #VU106173

Vulnerability risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52973

CWE-ID: CWE-416

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the vcs_read() function in drivers/tty/vt/vc_screen.c. A local user can trigger the error to escalate privileges on the system.

Mitigation
Install the update from the vendor's website.

Vulnerable software versions

Linux kernel: All versions


External links
https://git.kernel.org/stable/c/226fae124b2dac217ea5436060d623ff3385bc34
https://git.kernel.org/stable/c/55515d7d8743b71b80bfe68e89eb9d92630626ab
https://git.kernel.org/stable/c/6332f52f44b9776568bf3c0b714ddfb0bb175e78
https://git.kernel.org/stable/c/8506f16aae9daf354e3732bcfd447e2a97f023df
https://git.kernel.org/stable/c/af79ea9a2443016f64d8fd8d72020cc874f0e066
https://git.kernel.org/stable/c/d0332cbf53dad06a22189cc341391237f4ea6d9f
https://git.kernel.org/stable/c/fc9e27f3ba083534b8bbf72ab0f5c810ffdc7d18


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

