Use-after-free vulnerability in the CAN BCM subsystem leading to information disclosure (CVE-2023-52922)

To read this post in Portuguese, click here.

In 2024, our research team noticed, and wrote proofs of concept for, a use-after-free vulnerability affecting the latest Red Hat Enterprise Linux 9 (RHEL 9) kernel at the time, version 5.14.0-503.15.1.el9_5. The vulnerability had already been fixed in the upstream Linux kernel on July 17, 2023 [1][2]. After we reported it, the fix was backported to Red Hat Enterprise Linux 9 on March 11, 2025 [3], in kernel version 5.14.0-503.31.1.el9_5.

We reported it to Red Hat on July 16, 2024. They replied that upstream had declined to issue a CVE and asked us for the proof of concept we had mentioned in our first contact. After we sent a detailed report including a proof of concept, CVE-2023-52922 [4] was assigned. This blog post also highlights a potential pattern in the CAN BCM subsystem, as at least one other issue of the same kind has already been reported and fixed there.

This vulnerability allows unprivileged local users to read data from kernel memory, which could be used to disclose sensitive information and to bypass security mitigations that are enabled by default on the affected systems.


Accidentally uncovering a seven-year-old vulnerability in the Linux kernel

To read this post in Portuguese, click here.

Vulnerability research is at the core of Allele Security Intelligence. We have been actively researching for more than a decade, and we offer our expertise to our clients. Among the services we offer are 0day and nday vulnerability research.

In nday vulnerability research projects on the Linux kernel, we look for vulnerabilities that have been patched upstream but still affect major distributions, even in their latest release. Usually, we find vulnerabilities patched over a year ago that still affect popular Linux distributions. We do that by auditing the Linux kernel source code, monitoring vulnerabilities submitted to mailing lists and patched upstream, checking the findings of the syzkaller fuzzer, and other methods.

While doing that research, we accidentally discovered a vulnerability in the core of the TCP subsystem of the Linux kernel. It had been introduced seven years earlier. We reported it upstream, and it was patched in May of last year. In this blog post, we share how it happened and briefly analyze the vulnerability.


The solution to keep your systems secure: Kernel Livepatch

To read this post in Portuguese, click here.

Keeping systems up to date with the latest vulnerability patches is crucial for organizational security. New vulnerabilities are discovered frequently, increasing exposure to attacks. However, for a system's main component, the kernel, such updates typically require a complete reboot, which reduces server uptime and can affect service quality. Additionally, a kernel update provided by the vendor often carries other modifications beyond vulnerability patches, which can alter system behavior unexpectedly. Fortunately, there is a technique for patching kernel vulnerabilities that avoids these negative impacts.

Linux kernel livepatching is the solution. This feature allows you to apply security updates and critical patches to the running kernel without rebooting or interrupting services. This keeps your systems more secure and highly available, reducing risk and maximizing productivity. It also enables patching vulnerabilities not yet known to the public or to vendors, such as vulnerabilities discovered by our research team. Next, we provide further details to help you understand this solution.
