CVE-2023-35829
HIGH
Linux Kernel < 6.3.2 - Use-After-Free in rkvdec_remove
Title source: llm
Description
An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in rkvdec_remove in drivers/staging/media/rkvdec/rkvdec.c.
References (5)
Core References
Release Notes, Vendor Advisory
https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.2
Patch, Vendor Advisory
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3228cec23b8b29215e18090c6ba635840190993d
Third Party Advisory
https://lore.kernel.org/all/a4dafa22-3ee3-dbe1-fd50-fee07883ce1a%40xs4all.nl/
Mailing List, Third Party Advisory
https://lore.kernel.org/lkml/20230307173900.1299387-1-zyytlz.wz%40163.com/T/
Third Party Advisory
https://security.netapp.com/advisory/ntap-20230803-0002/
Scores
CVSS v3
7.0
EPSS
0.0003
EPSS Percentile
10.7%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-362
CWE-416
Status
published
Products (5)
linux/linux_kernel
5.8 - 5.10.180
netapp/h300s
netapp/h410s
netapp/h500s
netapp/h700s
Published
Jun 18, 2023
Tracked Since
Feb 18, 2026