Back to bug 2215838

Who When What Removed Added
TEJ RATHI 2023-06-19 07:06:19 UTC CC acaringi, allarkin, bhu, chwhite, dbohanno, ddepaula, debarbos, dfreiber, dvlasenk, ezulian, hkrzesin, jarod, jburrell, jdenham, jfaracco, jferlan, jforbes, jlelli, joe.lawrence, jshortt, jstancek, jwyatt, kcarcia, kernel-mgr, ldoskova, lgoncalv, lleshchi, lzampier, nmurray, ptalbert, qzhao, rogbas, rrobaina, rvrbovsk, rysulliv, scweaver, swood, tyberry, vkumar, walters, wcosta, williams, wmealing, ycote, ymankad
TEJ RATHI 2023-06-19 07:38:45 UTC Blocks 2215849
Product Security DevOps Team 2023-06-19 20:39:05 UTC Resolution --- NOTABUG
Status NEW CLOSED
Last Closed 2023-06-19 20:39:05 UTC
Mauro Matteo Cascella 2023-06-20 08:48:32 UTC Summary TRIAGE-CVE-2023-35826 kernel: use-after-free was found in cedrus_remove in drivers/staging/media/sunxi/cedrus/cedrus.c CVE-2023-35826 kernel: use-after-free was found in cedrus_remove in drivers/staging/media/sunxi/cedrus/cedrus.c
Alias TRIAGE-CVE-2023-35826 CVE-2023-35826
Mauro Matteo Cascella 2023-06-20 08:49:10 UTC Depends On 2186161
Mauro Matteo Cascella 2023-06-20 09:00:41 UTC Summary CVE-2023-35826 kernel: use-after-free was found in cedrus_remove in drivers/staging/media/sunxi/cedrus/cedrus.c CVE-2023-35826 kernel: cedrus: race condition leading to use-after-free in cedrus_remove()
Mauro Matteo Cascella 2023-06-20 09:28:00 UTC Fixed In Version kernel 6.4-rc1
Mauro Matteo Cascella 2023-06-20 10:58:26 UTC Doc Text A race condition vulnerability was found in the Linux kernel's Allwinner Cedrus VPU driver when removing the module before cleanup in the cedrus_remove function. This flaw can eventually result in a use-after-free issue, possibly leading to a system crash or other undefined behaviors.
Paige Jung 2023-06-20 14:10:01 UTC Doc Text A race condition vulnerability was found in the Linux kernel's Allwinner Cedrus VPU driver when removing the module before cleanup in the cedrus_remove function. This flaw can eventually result in a use-after-free issue, possibly leading to a system crash or other undefined behaviors. A race condition was found in the Linux kernel's Allwinner Cedrus VPU driver when removing the module before cleanup in the cedrus_remove function. This can result in a use-after-free issue, possibly leading to a system crash or other undefined behaviors.

Back to bug 2215838