{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-52859", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-05-21T15:19:24.260Z", "datePublished": "2024-05-21T15:31:52.546Z", "dateUpdated": "2024-11-04T14:54:01.591Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-04T14:54:01.591Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf: hisi: Fix use-after-free when register pmu fails\n\nWhen we fail to register the uncore pmu, the pmu context may not been\nallocated. The error handing will call cpuhp_state_remove_instance()\nto call uncore pmu offline callback, which migrate the pmu context.\nSince that's liable to lead to some kind of use-after-free.\n\nUse cpuhp_state_remove_instance_nocalls() instead of\ncpuhp_state_remove_instance() so that the notifiers don't execute after\nthe PMU device has been failed to register."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/perf/hisilicon/hisi_uncore_pa_pmu.c", "drivers/perf/hisilicon/hisi_uncore_sllc_pmu.c"], "versions": [{"version": "3bf30882c3c7", "lessThan": "0e1e88bba286", "status": "affected", "versionType": "git"}, {"version": "3bf30882c3c7", "lessThan": "b660420f449d", "status": "affected", "versionType": "git"}, {"version": "3bf30882c3c7", "lessThan": "3405f364f82d", "status": "affected", "versionType": "git"}, {"version": "3bf30882c3c7", "lessThan": "75bab28ffd05", "status": "affected", "versionType": "git"}, {"version": "3bf30882c3c7", "lessThan": "b805cafc604b", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/perf/hisilicon/hisi_uncore_pa_pmu.c", "drivers/perf/hisilicon/hisi_uncore_sllc_pmu.c"], "versions": [{"version": "5.13", "status": "affected"}, {"version": "0", "lessThan": "5.13", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.139", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.63", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.5.12", "lessThanOrEqual": "6.5.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.2", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.7", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/0e1e88bba286621b886218363de07b319d6208b2"}, {"url": "https://git.kernel.org/stable/c/b660420f449d094b1fabfa504889810b3a63cdd5"}, {"url": "https://git.kernel.org/stable/c/3405f364f82d4f5407a8b4c519dc15d24b847fda"}, {"url": "https://git.kernel.org/stable/c/75bab28ffd05ec8879c197890b1bd1dfec8d3f63"}, {"url": "https://git.kernel.org/stable/c/b805cafc604bfdb671fae7347a57f51154afa735"}], "title": "perf: hisi: Fix use-after-free when register pmu fails", "x_generator": {"engine": "bippy-9e1c9544281a"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T23:11:36.049Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/0e1e88bba286621b886218363de07b319d6208b2", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/b660420f449d094b1fabfa504889810b3a63cdd5", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/3405f364f82d4f5407a8b4c519dc15d24b847fda", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/75bab28ffd05ec8879c197890b1bd1dfec8d3f63", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/b805cafc604bfdb671fae7347a57f51154afa735", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-52859", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:36:28.164920Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T17:32:54.164Z"}}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-52859", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-05-21T15:19:24.260Z", "datePublished": "2024-05-21T15:31:52.546Z", "dateUpdated": "2024-08-02T23:11:36.049Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-05-29T05:18:35.323Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf: hisi: Fix use-after-free when register pmu fails\n\nWhen we fail to register the uncore pmu, the pmu context may not been\nallocated. The error handing will call cpuhp_state_remove_instance()\nto call uncore pmu offline callback, which migrate the pmu context.\nSince that's liable to lead to some kind of use-after-free.\n\nUse cpuhp_state_remove_instance_nocalls() instead of\ncpuhp_state_remove_instance() so that the notifiers don't execute after\nthe PMU device has been failed to register."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/perf/hisilicon/hisi_uncore_pa_pmu.c", "drivers/perf/hisilicon/hisi_uncore_sllc_pmu.c"], "versions": [{"version": "3bf30882c3c7", "lessThan": "0e1e88bba286", "status": "affected", "versionType": "git"}, {"version": "3bf30882c3c7", "lessThan": "b660420f449d", "status": "affected", "versionType": "git"}, {"version": "3bf30882c3c7", "lessThan": "3405f364f82d", "status": "affected", "versionType": "git"}, {"version": "3bf30882c3c7", "lessThan": "75bab28ffd05", "status": "affected", "versionType": "git"}, {"version": "3bf30882c3c7", "lessThan": "b805cafc604b", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/perf/hisilicon/hisi_uncore_pa_pmu.c", "drivers/perf/hisilicon/hisi_uncore_sllc_pmu.c"], "versions": [{"version": "5.13", "status": "affected"}, {"version": "0", "lessThan": "5.13", "status": "unaffected", "versionType": "custom"}, {"version": "5.15.139", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.1.63", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.5.12", "lessThanOrEqual": "6.5.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.6.2", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.7", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/0e1e88bba286621b886218363de07b319d6208b2"}, {"url": "https://git.kernel.org/stable/c/b660420f449d094b1fabfa504889810b3a63cdd5"}, {"url": "https://git.kernel.org/stable/c/3405f364f82d4f5407a8b4c519dc15d24b847fda"}, {"url": "https://git.kernel.org/stable/c/75bab28ffd05ec8879c197890b1bd1dfec8d3f63"}, {"url": "https://git.kernel.org/stable/c/b805cafc604bfdb671fae7347a57f51154afa735"}], "title": "perf: hisi: Fix use-after-free when register pmu fails", "x_generator": {"engine": "bippy-a5840b7849dd"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-52859", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:36:28.164920Z"}}}], "providerMetadata": {"shortName": "CISA-ADP", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "dateUpdated": "2024-09-11T12:42:13.328Z"}, "title": "CISA ADP Vulnrichment"}]}}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf: hisi: Fix use-after-free when register pmu fails\n\nWhen we fail to register the uncore pmu, the pmu context may not been\nallocated. The error handing will call cpuhp_state_remove_instance()\nto call uncore pmu offline callback, which migrate the pmu context.\nSince that's liable to lead to some kind of use-after-free.\n\nUse cpuhp_state_remove_instance_nocalls() instead of\ncpuhp_state_remove_instance() so that the notifiers don't execute after\nthe PMU device has been failed to register."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: perf: hisi: corrige el use after free cuando falla el registro de pmu. Cuando no logramos registrar el pmu sin n\u00facleo, es posible que no se haya asignado el contexto de pmu. El manejo del error llamar\u00e1 a cpuhp_state_remove_instance() para llamar a la devoluci\u00f3n de llamada fuera de l\u00ednea de uncore pmu, que migra el contexto de pmu. Dado que eso puede conducir a alg\u00fan tipo de use after free. Utilice cpuhp_state_remove_instance_nocalls() en lugar de cpuhp_state_remove_instance() para que los notificadores no se ejecuten despu\u00e9s de que el dispositivo PMU no haya podido registrarse."}], "id": "CVE-2023-52859", "lastModified": "2024-05-21T16:53:56.550", "metrics": {}, "published": "2024-05-21T16:15:22.933", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/0e1e88bba286621b886218363de07b319d6208b2"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/3405f364f82d4f5407a8b4c519dc15d24b847fda"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/75bab28ffd05ec8879c197890b1bd1dfec8d3f63"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/b660420f449d094b1fabfa504889810b3a63cdd5"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/b805cafc604bfdb671fae7347a57f51154afa735"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"affected_release": [{"advisory": "RHSA-2024:9315", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-503.11.1.el9_5", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-11-12T00:00:00Z"}, {"advisory": "RHSA-2024:9315", "cpe": "cpe:/o:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-503.11.1.el9_5", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-11-12T00:00:00Z"}], "bugzilla": {"description": "kernel: perf: hisi: Fix use-after-free when register pmu fails", "id": "2282745", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282745"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.0", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H", "status": "verified"}, "cwe": "CWE-416", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nperf: hisi: Fix use-after-free when register pmu fails\nWhen we fail to register the uncore pmu, the pmu context may not been\nallocated. The error handing will call cpuhp_state_remove_instance()\nto call uncore pmu offline callback, which migrate the pmu context.\nSince that's liable to lead to some kind of use-after-free.\nUse cpuhp_state_remove_instance_nocalls() instead of\ncpuhp_state_remove_instance() so that the notifiers don't execute after\nthe PMU device has been failed to register."], "name": "CVE-2023-52859", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-05-21T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-52859\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-52859\nhttps://lore.kernel.org/linux-cve-announce/2024052117-CVE-2023-52859-ad0e@gregkh/T"], "threat_severity": "Moderate", "upstream_fix": "kernel 5.15.139, kernel 6.1.63, kernel 6.5.12, kernel 6.6.2, kernel 6.7"}