CVE-2023-1855: Use After Free

First published: Wed Apr 05 2023(Updated: )

A use-after-free flaw was found in xgene_hwmon_remove in drivers/hwmon/xgene-hwmon.c in the Hardware Monitoring Linux Kernel Driver (xgene-hwmon). This flaw could allow a local attacker to crash the system due to a race problem. This vulnerability could even lead to a kernel information leak problem.

Credit: secalert@redhat.com secalert@redhat.com secalert@redhat.com

Affected Software	Affected Version	How to fix
Linux Linux kernel	<6.3
Linux Linux kernel	>=4.9<4.14.311
Linux Linux kernel	>=4.15<4.19.279
Linux Linux kernel	>=4.20<5.4.238
Linux Linux kernel	>=5.5<5.10.176
Linux Linux kernel	>=5.11<5.15.104
Linux Linux kernel	>=5.16<6.1.21
Linux Linux kernel	>=6.2<6.2.8
Linux Linux kernel	=6.3-rc1
Linux Linux kernel	=6.3-rc2
Linux Linux kernel	=6.3-rc3
Debian Debian Linux	=10.0
redhat/Kernel	<6.3	6.3
IBM QRadar SIEM	<=7.5 - 7.5.0 UP8 IF01
ubuntu/linux	<5.4.0-156.173	5.4.0-156.173
ubuntu/linux	<5.15.0-79.86	5.15.0-79.86
ubuntu/linux	<6.2.0-23.23	6.2.0-23.23
ubuntu/linux	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-allwinner	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-allwinner-5.19	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-aws	<5.4.0-1107.115	5.4.0-1107.115
ubuntu/linux-aws	<5.15.0-1042.47	5.15.0-1042.47
ubuntu/linux-aws	<6.2.0-1005.5	6.2.0-1005.5
ubuntu/linux-aws	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-aws-5.0	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-aws-5.15	<5.15.0-1041.46~20.04.1	5.15.0-1041.46~20.04.1
ubuntu/linux-aws-5.15	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-aws-5.19	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-aws-5.4	<5.4.0-1107.115~18.04.1	5.4.0-1107.115~18.04.1
ubuntu/linux-aws-5.4	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-aws-6.5	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-aws-fips	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-aws-hwe	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-azure	<6.2.0-1005.5	6.2.0-1005.5
ubuntu/linux-azure	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-azure-4.15	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-azure-5.15	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-azure-5.4	<5.4.0-1113.119~18.04.1	5.4.0-1113.119~18.04.1
ubuntu/linux-azure-5.4	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-azure-6.5	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-azure-edge	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-azure-fde	<5.15.0-1044.51.1	5.15.0-1044.51.1
ubuntu/linux-azure-fde	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-azure-fde-5.15	<5.15.0-1043.50~20.04.1.1	5.15.0-1043.50~20.04.1.1
ubuntu/linux-azure-fde-5.15	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-azure-fde-5.19	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-azure-fips	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-bluefield	<5.4.0-1068.74	5.4.0-1068.74
ubuntu/linux-bluefield	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-dell300x	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-fips	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-gcp	<5.4.0-1110.119	5.4.0-1110.119
ubuntu/linux-gcp	<5.15.0-1039.47	5.15.0-1039.47
ubuntu/linux-gcp	<6.2.0-1007.7	6.2.0-1007.7
ubuntu/linux-gcp	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-gcp-4.15	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-gcp-5.15	<5.15.0-1039.47~20.04.1	5.15.0-1039.47~20.04.1
ubuntu/linux-gcp-5.15	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-gcp-5.19	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-gcp-5.4	<5.4.0-1110.119~18.04.1	5.4.0-1110.119~18.04.1
ubuntu/linux-gcp-5.4	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-gcp-6.5	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-gcp-fips	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-gke	<5.4.0-1105.112	5.4.0-1105.112
ubuntu/linux-gke	<5.15.0-1039.44	5.15.0-1039.44
ubuntu/linux-gke	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-gke-4.15	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-gke-5.0	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-gke-5.15	<5.15.0-1039.44~20.04.1	5.15.0-1039.44~20.04.1
ubuntu/linux-gke-5.15	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-gke-5.4	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-gkeop	<5.4.0-1074.78	5.4.0-1074.78
ubuntu/linux-gkeop	<5.15.0-1025.30	5.15.0-1025.30
ubuntu/linux-gkeop	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-gkeop-5.15	<5.15.0-1025.30~20.04.1	5.15.0-1025.30~20.04.1
ubuntu/linux-gkeop-5.15	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-gkeop-5.4	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-hwe	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-hwe-5.15	<5.15.0-79.86~20.04.2	5.15.0-79.86~20.04.2
ubuntu/linux-hwe-5.15	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-hwe-5.4	<5.4.0-156.173~18.04.1	5.4.0-156.173~18.04.1
ubuntu/linux-hwe-5.4	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-hwe-6.5	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-hwe-edge	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-ibm	<5.4.0-1054.59	5.4.0-1054.59
ubuntu/linux-ibm	<5.15.0-1035.38	5.15.0-1035.38
ubuntu/linux-ibm	<6.2.0-1003.3	6.2.0-1003.3
ubuntu/linux-ibm	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-ibm-5.15	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-ibm-5.4	<5.4.0-1054.59~18.04.1	5.4.0-1054.59~18.04.1
ubuntu/linux-ibm-5.4	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-intel	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-intel-5.13	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-intel-iotg	<5.15.0-1037.42	5.15.0-1037.42
ubuntu/linux-intel-iotg	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-intel-iotg-5.15	<5.15.0-1037.42~20.04.1	5.15.0-1037.42~20.04.1
ubuntu/linux-intel-iotg-5.15	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-iot	<5.4.0-1019.20	5.4.0-1019.20
ubuntu/linux-iot	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-kvm	<5.4.0-1096.102	5.4.0-1096.102
ubuntu/linux-kvm	<5.15.0-1039.44	5.15.0-1039.44
ubuntu/linux-kvm	<6.2.0-1006.6	6.2.0-1006.6
ubuntu/linux-kvm	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-laptop	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-lowlatency	<5.15.0-79.88	5.15.0-79.88
ubuntu/linux-lowlatency	<6.2.0-1005.5	6.2.0-1005.5
ubuntu/linux-lowlatency	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-lowlatency-hwe-5.15	<5.15.0-79.88~20.04.1	5.15.0-79.88~20.04.1
ubuntu/linux-lowlatency-hwe-5.15	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-lowlatency-hwe-5.19	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-lowlatency-hwe-6.5	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-lts-xenial	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-nvidia	<5.15.0-1030.30	5.15.0-1030.30
ubuntu/linux-nvidia	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-nvidia-6.5	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-oem	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-oem-5.10	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-oem-5.14	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-oem-5.17	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-oem-5.6	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-oem-6.0	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-oem-6.1	<6.1.0-1009.9	6.1.0-1009.9
ubuntu/linux-oem-6.1	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-oem-6.5	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-oem-6.8	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-oem-osp1	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-oracle	<5.4.0-1106.115	5.4.0-1106.115
ubuntu/linux-oracle	<5.15.0-1040.46	5.15.0-1040.46
ubuntu/linux-oracle	<6.2.0-1005.5	6.2.0-1005.5
ubuntu/linux-oracle	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-oracle-5.0	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-oracle-5.13	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-oracle-5.15	<5.15.0-1040.46~20.04.1	5.15.0-1040.46~20.04.1
ubuntu/linux-oracle-5.15	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-oracle-5.4	<5.4.0-1106.115~18.04.1	5.4.0-1106.115~18.04.1
ubuntu/linux-oracle-5.4	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-oracle-6.5	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-raspi	<5.4.0-1091.102	5.4.0-1091.102
ubuntu/linux-raspi	<5.15.0-1035.38	5.15.0-1035.38
ubuntu/linux-raspi	<6.2.0-1006.8	6.2.0-1006.8
ubuntu/linux-raspi	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-raspi-5.4	<5.4.0-1091.102~18.04.1	5.4.0-1091.102~18.04.1
ubuntu/linux-raspi-5.4	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-raspi2	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-riscv	<6.2.0-23.23.1	6.2.0-23.23.1
ubuntu/linux-riscv	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-riscv-5.15	<5.15.0-1038.42~20.04.2	5.15.0-1038.42~20.04.2
ubuntu/linux-riscv-5.15	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-riscv-6.5	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-snapdragon	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-starfive	<6.2.0-1002.2	6.2.0-1002.2
ubuntu/linux-starfive	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-starfive-5.19	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-starfive-6.5	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
ubuntu/linux-xilinx-zynqmp	<5.4.0-1027.31	5.4.0-1027.31
ubuntu/linux-xilinx-zynqmp	<5.15.0-1025.29	5.15.0-1025.29
ubuntu/linux-xilinx-zynqmp	<6.3~<5.4.238<5.15.104	6.3~ 5.4.238 5.15.104
debian/linux		5.10.218-1 5.10.221-1 6.1.94-1 6.1.99-1 6.9.10-1 6.9.12-1

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

collector/nvd-api
collector/nvd-index
agent/type
agent/remedy
agent/first-publish-date
collector/launchpad-cve
source/Launchpad
agent/author
collector/nvd-cve
source/NVD
agent/software-canonical-lookup
agent/weakness
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2023-1855
collector/ibm-support
source/IBM
agent/last-modified-date
agent/severity
agent/references
agent/description
agent/tags
collector/usn-cve
source/Ubuntu
agent/event
collector/security-tracker-debian
source/Debian
agent/softwarecombine
collector/mitre-cve
source/MITRE
vendor/linux
canonical/linux linux kernel
version/linux linux kernel/4.9
version/linux linux kernel/4.15
version/linux linux kernel/4.20
version/linux linux kernel/5.5
version/linux linux kernel/5.11
version/linux linux kernel/5.16
version/linux linux kernel/6.2
version/linux linux kernel/6.3-rc1
version/linux linux kernel/6.3-rc2
version/linux linux kernel/6.3-rc3
vendor/debian
canonical/debian debian linux
version/debian debian linux/10.0
package-manager/redhat
vendor/ibm
canonical/ibm qradar siem
version/ibm qradar siem/7.5 - 7.5.0 up8 if01
package-manager/ubuntu
package-manager/debian

CVE-2023-1855: Use After Free

Remedy

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

Company

Resources

Contact