CVE-2023-52704

May 21, 2024, 4:53 p.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: freezer,umh: Fix call_usermode_helper_exec() vs SIGKILL Tetsuo-San noted that commit f5d39b020809 ("freezer,sched: Rewrite core freezer logic") broke call_usermodehelper_exec() for the KILLABLE case. Specifically it was missed that the second, unconditional, wait_for_completion() was not optional and ensures the on-stack completion is unused before going out-of-scope.

Product(s) Impacted

Product Versions
Linux kernel

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://git.kernel.org/stable/c/7f9f6c54da876b3f0bece2b569456ceb96965ed7
https://git.kernel.org/stable/c/eedeb787ebb53de5c5dcf7b7b39d01bf1b0f037d

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2024-05-21
CVE-2023-52704

Timeline

Published: May 21, 2024, 4:15 p.m.
Last Modified: May 21, 2024, 4:53 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.