CVE-2023-3312

Published: Jun 19, 2023Modified: Apr 23, 2025

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

A vulnerability was found in drivers/cpufreq/qcom-cpufreq-hw.c in cpufreq subsystem in the Linux Kernel. This flaw, during device unbind will lead to double release problem leading to denial of service.

Affected (2)

Products: Linux: Linux Kernel

Linux

1 product

Linux Kernel

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 6.2 to 6.2.15
Linux Linux Kernel	From 6.3 to 6.3.2

Related CWEs

CWE-415

Double Free

The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.

References (4)

https://patchwork.kernel.org/project/linux-pm/patch/20230323174026.950622-1-krzysztof.kozlowski%40linaro.org/

Source: secalert@redhat.com

https://security.netapp.com/advisory/ntap-20230731-0005/

Source: secalert@redhat.com

https://patchwork.kernel.org/project/linux-pm/patch/20230323174026.950622-1-krzysztof.kozlowski%40linaro.org/

Source: af854a3a-2127-422b-91ae-364da2661108

https://security.netapp.com/advisory/ntap-20230731-0005/

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.