Use-after-free vulnerability in the CAN BCM subsystem leading to information disclosure – CVE-2023-52922

Title

Use-after-free vulnerability in CAN BCM subsystem leading to information disclosure affecting Red Hat Enterprise Linux and its derivatives.

IDENTIFIER(S)

CVE-2023-52922

Description

We reported a use-after-free vulnerability affecting Red Hat Enterprise Linux 9 and its derivatives. The vulnerability was fixed in the Linux kernel upstream on July 17, 2023. After we reported it, it was backported to Red Hat Enterprise Linux 9 on March 11, 2025. The exploitation of the vulnerability allows the leaking of the encoded freelist pointer and the addresses of the slab.

References

Use-after-free vulnerability in CAN BCM subsystem leading to information disclosure (CVE-2023-52922)
https://allelesecurity.com/use-after-free-vulnerability-in-can-bcm-subsystem-leading-to-information-disclosure-cve-2023-52922/

CVE-2023-52922 – Use-after-free vulnerability in CAN BCM subsystem leading to information disclosure.
https://github.com/alleleintel/research/tree/master/CVE-2023-52922

CVE-2023-52922: can: bcm: Fix UAF in bcm_proc_show()
https://lore.kernel.org/linux-cve-announce/2024112856-CVE-2023-52922-39e1@gregkh/T/#u

can: bcm: Fix UAF in bcm_proc_show()
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=55c3b96074f3f9b0aee19bf93cd71af7516582bb