{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2023-52983","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-03-27T16:40:15.740Z","datePublished":"2025-03-27T16:43:21.372Z","dateUpdated":"2026-05-11T19:36:22.378Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T19:36:22.378Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nblock, bfq: fix uaf for bfqq in bic_set_bfqq()\n\nAfter commit 64dc8c732f5c (\"block, bfq: fix possible uaf for 'bfqq->bic'\"),\nbic->bfqq will be accessed in bic_set_bfqq(), however, in some context\nbic->bfqq will be freed, and bic_set_bfqq() is called with the freed\nbic->bfqq.\n\nFix the problem by always freeing bfqq after bic_set_bfqq()."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["block/bfq-cgroup.c","block/bfq-iosched.c"],"versions":[{"version":"5533742c7cb1bc9b1f0bf401cc397d44a3a9e07a","lessThan":"7f77f3dab5066a7c9da73d72d1eee895ff84a8d5","status":"affected","versionType":"git"},{"version":"094f3d9314d67691cb21ba091c1b528f6e3c4893","lessThan":"511c922c5bf6c8a166bea826e702336bc2424140","status":"affected","versionType":"git"},{"version":"761564d93c8265f65543acf0a576b32d66bfa26a","lessThan":"cb1876fc33af26d00efdd473311f1b664c77c44e","status":"affected","versionType":"git"},{"version":"64dc8c732f5c2b406cc752e6aaa1bd5471159cab","lessThan":"b600de2d7d3a16f9007fad1bdae82a3951a26af2","status":"affected","versionType":"git"},{"version":"b22fd72bfebda3956efc4431b60ddfc0a51e03e0","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["block/bfq-cgroup.c","block/bfq-iosched.c"],"versions":[{"version":"5.15.86","lessThan":"5.15.93","status":"affected","versionType":"semver"},{"version":"6.1.2","lessThan":"6.1.11","status":"affected","versionType":"semver"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.15.86","versionEndExcluding":"5.15.93"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.1.2","versionEndExcluding":"6.1.11"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0.16"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/7f77f3dab5066a7c9da73d72d1eee895ff84a8d5"},{"url":"https://git.kernel.org/stable/c/511c922c5bf6c8a166bea826e702336bc2424140"},{"url":"https://git.kernel.org/stable/c/cb1876fc33af26d00efdd473311f1b664c77c44e"},{"url":"https://git.kernel.org/stable/c/b600de2d7d3a16f9007fad1bdae82a3951a26af2"}],"title":"block, bfq: fix uaf for bfqq in bic_set_bfqq()","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":7.8,"attackVector":"LOCAL","baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","integrityImpact":"HIGH","userInteraction":"NONE","attackComplexity":"LOW","availabilityImpact":"HIGH","privilegesRequired":"LOW","confidentialityImpact":"HIGH"}},{"other":{"type":"ssvc","content":{"id":"CVE-2023-52983","role":"CISA Coordinator","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"version":"2.0.3","timestamp":"2025-03-27T16:59:42.552227Z"}}}],"problemTypes":[{"descriptions":[{"lang":"en","type":"CWE","cweId":"CWE-416","description":"CWE-416 Use After Free"}]}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-03-27T17:08:22.246Z"}}]}}