#VU87593 Use-after-free in Linux kernel - CVE-2023-52438

Vulnerability identifier: #VU87593

Vulnerability risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52438

CWE-ID: CWE-416

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the binder_alloc_free_page() function in drivers/android/binder_alloc.c. A local user can trigger a race condition and escalate privileges on the system.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Linux kernel: All versions

---

External links
https://git.kernel.org/stable/c/a53e15e592b4dcc91c3a3b8514e484a0bdbc53a3
https://git.kernel.org/stable/c/c8c1158ffb007197f31f9d9170cf13e4f34cbb5c
https://git.kernel.org/stable/c/8ad4d580e8aff8de2a4d57c5930fcc29f1ffd4a6
https://git.kernel.org/stable/c/9fa04c93f24138747807fe75b5591bb680098f56
https://git.kernel.org/stable/c/a49087ab93508b60d9b8add91707a22dda832869
https://git.kernel.org/stable/c/e074686e993ff1be5f21b085a3b1b4275ccd5727
https://git.kernel.org/stable/c/3f489c2067c5824528212b0fc18b28d51332d906

---

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.