Use-after-free in Linux kernel binder
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2023-52438 |
| CWE-ID | CWE-416 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software |
Linux kernel Operating systems & Components / Operating system |
| Vendor | Linux Foundation |
Security Bulletin
This security bulletin contains one low risk vulnerability.
1) Use-after-free
EUVDB-ID: #VU87593
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52438
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the binder_alloc_free_page() function in drivers/android/binder_alloc.c. A local user can trigger a race condition and escalate privileges on the system.
Install update from vendor's website.
Vulnerable software versionsLinux kernel: 5.4 - 6.8 rc5
CPE2.3- cpe:2.3:o:linux_foundation:linux_kernel:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:linux_foundation:linux_kernel:5.4.0:*:*:*:*:*:*:*
- cpe:2.3:o:linux_foundation:linux_kernel:5.4.0:rc6:*:*:*:*:*:*
- cpe:2.3:o:linux_foundation:linux_kernel:5.4.1:*:*:*:*:*:*:*
- cpe:2.3:o:linux_foundation:linux_kernel:5.4.2:*:*:*:*:*:*:*
- cpe:2.3:o:linux_foundation:linux_kernel:5.4.3:*:*:*:*:*:*:*
- cpe:2.3:o:linux_foundation:linux_kernel:5.4.4:*:*:*:*:*:*:*
- cpe:2.3:o:linux_foundation:linux_kernel:5.4.5:*:*:*:*:*:*:*
- cpe:2.3:o:linux_foundation:linux_kernel:5.4.6:*:*:*:*:*:*:*
- cpe:2.3:o:linux_foundation:linux_kernel:5.4.7:*:*:*:*:*:*:*
https://git.kernel.org/stable/c/a53e15e592b4dcc91c3a3b8514e484a0bdbc53a3
https://git.kernel.org/stable/c/c8c1158ffb007197f31f9d9170cf13e4f34cbb5c
https://git.kernel.org/stable/c/8ad4d580e8aff8de2a4d57c5930fcc29f1ffd4a6
https://git.kernel.org/stable/c/9fa04c93f24138747807fe75b5591bb680098f56
https://git.kernel.org/stable/c/a49087ab93508b60d9b8add91707a22dda832869
https://git.kernel.org/stable/c/e074686e993ff1be5f21b085a3b1b4275ccd5727
https://git.kernel.org/stable/c/3f489c2067c5824528212b0fc18b28d51332d906
https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.209
https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.148
https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.268
https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.74
https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.13
https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.7.1
https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.8
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
