CVE-2023-25012

2023-02-0200:00:00

ubuntu.com

linux kernel

use-after-free

hid-bigbenff

usb device

led controllers

4.6 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

34.4%

JSON

The Linux kernel through 6.1.9 has a Use-After-Free in bigben_remove in
drivers/hid/hid-bigbenff.c via a crafted USB device because the LED
controllers remain registered for too long.

Notes

Author	Note
sbeattie	requires the removal of the device to exploit, usually implying physical access. upstream submission claims the issue was introduced in 4eb1b01de5b9 (“HID: hid-bigbenff: fix race condition for scheduled work during removal”), which may also have a security impact.

OSVersionArchitecturePackageVersionFilename
ubuntu20.04noarchlinux< 5.4.0-152.169UNKNOWN
ubuntu22.04noarchlinux< 5.15.0-75.82UNKNOWN
ubuntu22.10noarchlinux< 5.19.0-45.46UNKNOWN
ubuntu20.04noarchlinux-aws< 5.4.0-1104.112UNKNOWN
ubuntu22.04noarchlinux-aws< 5.15.0-1038.43UNKNOWN
ubuntu22.10noarchlinux-aws< 5.19.0-1027.28UNKNOWN
ubuntu23.04noarchlinux-aws< 6.2.0-1003.3UNKNOWN
ubuntu20.04noarchlinux-aws-5.15< 5.15.0-1038.43~20.04.1UNKNOWN
ubuntu18.04noarchlinux-aws-5.4< anyUNKNOWN
ubuntu20.04noarchlinux-azure< 5.4.0-1110.116UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	20.04	noarch	linux	< 5.4.0-152.169	UNKNOWN
ubuntu	22.04	noarch	linux	< 5.15.0-75.82	UNKNOWN
ubuntu	22.10	noarch	linux	< 5.19.0-45.46	UNKNOWN
ubuntu	20.04	noarch	linux-aws	< 5.4.0-1104.112	UNKNOWN
ubuntu	22.04	noarch	linux-aws	< 5.15.0-1038.43	UNKNOWN
ubuntu	22.10	noarch	linux-aws	< 5.19.0-1027.28	UNKNOWN
ubuntu	23.04	noarch	linux-aws	< 6.2.0-1003.3	UNKNOWN
ubuntu	20.04	noarch	linux-aws-5.15	< 5.15.0-1038.43~20.04.1	UNKNOWN
ubuntu	18.04	noarch	linux-aws-5.4	< any	UNKNOWN
ubuntu	20.04	noarch	linux-azure	< 5.4.0-1110.116	UNKNOWN