CVE-2023-53572

HIGH

Linux Kernel 5.11-5.15.120 - Use-After-Free in Clock Driver List Iterator

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: clk: imx: scu: use _safe list iterator to avoid a use after free This loop is freeing "clk" so it needs to use list_for_each_entry_safe(). Otherwise it dereferences a freed variable to get the next item on the loop.

References (5)

Core 5

Core References

Patch

https://git.kernel.org/stable/c/f95ff838ac39f861d1f95a0f3bbb1e01c2517d79

Patch

https://git.kernel.org/stable/c/08cc7cd2c2a29a2abf5bceb8f048c0734d3694ba

Patch

https://git.kernel.org/stable/c/3d90921f91fc6a8c801d527bb5848c99e335c1cf

Patch

https://git.kernel.org/stable/c/0a719f0e4b6f233979e219baff73923e76a96e09

Patch

https://git.kernel.org/stable/c/632c60ecd25dbacee54d5581fe3aeb834b57010a

Scores

CVSS v3 7.8

EPSS 0.0014

EPSS Percentile 3.4%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-416

Status published

Products (13)

Linux/Linux < 5.11

Linux/Linux 5.11

Linux/Linux 5.15.121 - 5.15.*

Linux/Linux 6.1.39 - 6.1.*

Linux/Linux 6.3.13 - 6.3.*

Linux/Linux 6.4.4 - 6.4.*

Linux/Linux 6.5

Linux/Linux 77d8f3068c63ee0983f0b5ba3207d3f7cce11be4 - 08cc7cd2c2a29a2abf5bceb8f048c0734d3694ba

Linux/Linux 77d8f3068c63ee0983f0b5ba3207d3f7cce11be4 - 0a719f0e4b6f233979e219baff73923e76a96e09

Linux/Linux 77d8f3068c63ee0983f0b5ba3207d3f7cce11be4 - 3d90921f91fc6a8c801d527bb5848c99e335c1cf

... and 3 more

Published Oct 04, 2025

Tracked Since Feb 18, 2026