1212505 – (CVE-2023-35826) VUL-0: CVE-2023-35826: kernel-source-rt,kernel-source-azure,kernel-source: Use-after-free was found in cedrus_remove in drivers/staging/media/sunxi/cedrus/cedrus.c

Bug 1212505 (CVE-2023-35826) - VUL-0: CVE-2023-35826: kernel-source-rt,kernel-source-azure,kernel-source: Use-after-free was found in cedrus_remove in drivers/staging/media/sunxi/cedrus/cedrus.c

Summary: VUL-0: CVE-2023-35826: kernel-source-rt,kernel-source-azure,kernel-source: Us...

Status:	RESOLVED FIXED

Alias:	CVE-2023-35826

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents (show other bugs)
Version:	unspecified
Hardware:	Other Other

Priority:	P3 - Medium Severity: Normal
Target Milestone:	---
Assignee:	Security Team bot
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/369823/
Whiteboard:
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2023-06-19 09:58 UTC by Cathy Hu
Modified:	2024-06-25 17:43 UTC (History)
CC List:	4 users (show)

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Cathy Hu 2023-06-19 09:58:53 UTC

CVE-2023-35826

An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was
found in cedrus_remove in drivers/staging/media/sunxi/cedrus/cedrus.c.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-35826
https://www.cve.org/CVERecord?id=CVE-2023-35826
http://www.cvedetails.com/cve/CVE-2023-35826/
https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.2
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=50d0a7aea4809cef87979d4669911276aa23b71f
https://lore.kernel.org/all/a4dafa22-3ee3-dbe1-fd50-fee07883ce1a@xs4all.nl/
https://lore.kernel.org/linux-arm-kernel/20230308032333.1893394-1-zyytlz.wz@163.com/T/

Comment 1 Cathy Hu 2023-06-19 10:00:07 UTC

Fixing commit: https://github.com/torvalds/linux/commit/50d0a7aea4809cef87979d4669911276aa23b71f

Commit introducing the issue: https://github.com/torvalds/linux/commit/7c38a551bda1b7adea7e98e5c6786f5bee7100b8

Both are in stable only, closing done

Comment 2 Takashi Iwai 2023-06-19 10:27:17 UTC

We need to track also for ALP, too...

Comment 6 Cathy Hu 2023-06-19 14:12:45 UTC

reopening to wait for the updated patch reference

Comment 7 Joey Lee 2023-06-21 05:55:41 UTC

(In reply to Hu from comment #6)
> reopening to wait for the updated patch reference

update status:

ALP-current [sent, update references tag]

Comment 8 Michal Hocko 2023-07-07 13:28:57 UTC

(In reply to Hu from comment #6)
> reopening to wait for the updated patch reference

The driver (staging/cedrus) is unsupported so I guess we can just go ahead and close it.

Comment 9 Joey Lee 2023-07-12 09:03:50 UTC

(In reply to Joey Lee from comment #7)
> (In reply to Hu from comment #6)
> > reopening to wait for the updated patch reference
> 
> update status:
> 
> ALP-current [sent, update references tag]

merged. reset assigner.

Comment 10 Cathy Hu 2023-09-25 12:15:58 UTC

done, closing