CVE-2023-53747— Linux kernel 安全漏洞
影响版本矩阵 18
| 厂商 | 产品 | 版本范围 | 状态 |
|---|---|---|---|
| Linux | Linux | ac751efa6a0d70f2c9daef5c7e3a92270f5c2dff< 934de9a9b659785fed3e820bc0c813a460c71fea | affected |
ac751efa6a0d70f2c9daef5c7e3a92270f5c2dff< 0deff678157333d775af190f84696336cdcccd6d | affected | ||
ac751efa6a0d70f2c9daef5c7e3a92270f5c2dff< a4e3c4c65ae8510e01352c9a4347e05c035b2ce2 | affected | ||
ac751efa6a0d70f2c9daef5c7e3a92270f5c2dff< 11dddfbb7a4e62489b01074d6c04d9d1b42e4047 | affected | ||
ac751efa6a0d70f2c9daef5c7e3a92270f5c2dff< e3d1adcad5b73c7ed0c7edb35ab68abcaa45cf67 | affected | ||
ac751efa6a0d70f2c9daef5c7e3a92270f5c2dff< 3338d0b9acde770ee588eead5cac32c25e7048fc | affected | ||
ac751efa6a0d70f2c9daef5c7e3a92270f5c2dff< 1de42e7653d6714a7507ba6696151a1fa028c69f | affected | ||
ac751efa6a0d70f2c9daef5c7e3a92270f5c2dff< 8fb9ea65c9d1338b0d2bb0a9122dc942cdd32357 | affected | ||
| … +10 条更多 | |||
获取后续新漏洞提醒登录后订阅
一、 漏洞 CVE-2023-53747 基础信息
漏洞信息
对漏洞内容有疑问?看看神龙的深度分析是否有帮助!
查看神龙十问 ↗ 尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
vc_screen: reload load of struct vc_data pointer in vcs_write() to avoid UAF
来源: 美国国家漏洞数据库 NVD
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: vc_screen: reload load of struct vc_data pointer in vcs_write() to avoid UAF After a call to console_unlock() in vcs_write() the vc_data struct can be freed by vc_port_destruct(). Because of that, the struct vc_data pointer must be reloaded in the while loop in vcs_write() after console_lock() to avoid a UAF when vcs_size() is called. Syzkaller reported a UAF in vcs_size(). BUG: KASAN: slab-use-after-free in vcs_size (drivers/tty/vt/vc_screen.c:215) Read of size 4 at addr ffff8880beab89a8 by task repro_vcs_size/4119 Call Trace: <TASK> __asan_report_load4_noabort (mm/kasan/report_generic.c:380) vcs_size (drivers/tty/vt/vc_screen.c:215) vcs_write (drivers/tty/vt/vc_screen.c:664) vfs_write (fs/read_write.c:582 fs/read_write.c:564) ... <TASK> Allocated by task 1213: kmalloc_trace (mm/slab_common.c:1064) vc_allocate (./include/linux/slab.h:559 ./include/linux/slab.h:680 drivers/tty/vt/vt.c:1078 drivers/tty/vt/vt.c:1058) con_install (drivers/tty/vt/vt.c:3334) tty_init_dev (drivers/tty/tty_io.c:1303 drivers/tty/tty_io.c:1415 drivers/tty/tty_io.c:1392) tty_open (drivers/tty/tty_io.c:2082 drivers/tty/tty_io.c:2128) chrdev_open (fs/char_dev.c:415) do_dentry_open (fs/open.c:921) vfs_open (fs/open.c:1052) ... Freed by task 4116: kfree (mm/slab_common.c:1016) vc_port_destruct (drivers/tty/vt/vt.c:1044) tty_port_destructor (drivers/tty/tty_port.c:296) tty_port_put (drivers/tty/tty_port.c:312) vt_disallocate_all (drivers/tty/vt/vt_ioctl.c:662 (discriminator 2)) vt_ioctl (drivers/tty/vt/vt_ioctl.c:903) tty_ioctl (drivers/tty/tty_io.c:2778) ... The buggy address belongs to the object at ffff8880beab8800 which belongs to the cache kmalloc-1k of size 1024 The buggy address is located 424 bytes inside of freed 1024-byte region [ffff8880beab8800, ffff8880beab8c00) The buggy address belongs to the physical page: page:00000000afc77580 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xbeab8 head:00000000afc77580 order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0 flags: 0xfffffc0010200(slab|head|node=0|zone=1|lastcpupid=0x1fffff) page_type: 0xffffffff() raw: 000fffffc0010200 ffff888100042dc0 ffffea000426de00 dead000000000002 raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000 page dumped because: kasan: bad access detected Memory state around the buggy address: ffff8880beab8880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb ffff8880beab8900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb >ffff8880beab8980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb ^ ffff8880beab8a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb ffff8880beab8a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb ================================================================== Disabling lock debugging due to kernel taint
来源: 美国国家漏洞数据库 NVD
CVSS Information
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Type
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Title
Linux kernel 安全漏洞
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于vcs_write中未重新加载vc_data指针,可能导致释放后重用。
来源: 中国国家信息安全漏洞库 CNNVD
CVSS Information
N/A
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Type
N/A
来源: 中国国家信息安全漏洞库 CNNVD
受影响产品
二、漏洞 CVE-2023-53747 的公开POC
| # | POC 描述 | 源链接 | 神龙链接 |
|---|
AI 生成 POC高级
未找到公开 POC。
登录以生成 AI POC三、漏洞 CVE-2023-53747 的情报信息
请登录查看更多情报信息。
同批安全公告 · Linux · 2025-12-08 · 共 82 条
| CVE-2022-50629 | Linux kernel 安全漏洞 | |
| CVE-2023-53752 | Linux kernel 安全漏洞 | |
| CVE-2022-50626 | Linux kernel 安全漏洞 | |
| CVE-2022-50627 | Linux kernel 安全漏洞 | |
| CVE-2022-50625 | Linux kernel 安全漏洞 | |
| CVE-2022-50622 | Linux kernel 安全漏洞 | |
| CVE-2022-50621 | Linux kernel 安全漏洞 | |
| CVE-2022-50620 | Linux kernel 安全漏洞 | |
| CVE-2022-50619 | Linux kernel 安全漏洞 | |
| CVE-2022-50623 | Linux kernel 安全漏洞 | |
| CVE-2022-50628 | Linux kernel 安全漏洞 | |
| CVE-2022-50630 | Linux kernel 安全漏洞 | |
| CVE-2023-53742 | Linux kernel 安全漏洞 | |
| CVE-2023-53743 | Linux kernel 安全漏洞 | |
| CVE-2023-53744 | Linux kernel 安全漏洞 | |
| CVE-2023-53745 | Linux kernel 安全漏洞 | |
| CVE-2023-53746 | Linux kernel 安全漏洞 | |
| CVE-2023-53748 | Linux kernel 安全漏洞 | |
| CVE-2023-53750 | Linux kernel 安全漏洞 | |
| CVE-2023-53751 | Linux kernel 安全漏洞 |
显示前 20 条,共 82 条。 查看全部 → →
IV. Related Vulnerabilities
V. Comments for CVE-2023-53747
暂无评论