CVE-2023-53544

HIGH

Linux kernel - Use After Free

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: cpufreq: davinci: Fix clk use after free The remove function first frees the clks and only then calls cpufreq_unregister_driver(). If one of the cpufreq callbacks is called just before cpufreq_unregister_driver() is run, the freed clks might be used.

References (4)

[Patch] https://git.kernel.org/stable/c/5d8f384a9b4fc50f6a18405f1c08e5a87a77b5b3

[Patch] https://git.kernel.org/stable/c/66b3bbe6fbd8dd410868e5b53ac3944a934b9310

[Patch] https://git.kernel.org/stable/c/a5f024d0e6f91e05c816ad4ee8837173369dd5cb

[Patch] https://git.kernel.org/stable/c/ab05ae4ab831f64bbc427592c86f599ed9c4324f

Scores

CVSS v3 7.8

EPSS 0.0001

EPSS Percentile 1.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-416

Status draft

Affected Products (1)

linux/linux_kernel < 4.14.308

Timeline

Published Oct 04, 2025

Tracked Since Feb 18, 2026