Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-53047

In the Linux kernel, the following vulnerability has been resolved: tee: amdtee: fix race condition in amdtee_open_session There is a potential race condition in amdtee_open_session that may lead to use-after-free. For instance, in amdtee_open_session() after sess->sess_mask is set, and before setting: sess->session_info[i] = session_info; if amdtee_close_session() closes this same session, then 'sess' data structure will be released, causing kernel panic when 'sess' is accessed within amdtee_open_session(). The solution is to set the bit sess->sess_mask as the last step in amdtee_open_session().

Published

2025-05-02T16:15:23.790

Last Modified

2025-11-12T16:46:56.800

Status

Analyzed

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

Severity

CVSSv3.1: 4.7 (MEDIUM)

Weaknesses

Type: Primary
CWE-362

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	linux	linux_kernel	< 5.10.177	Yes
Operating System	linux	linux_kernel	< 5.15.105	Yes
Operating System	linux	linux_kernel	< 6.1.22	Yes
Operating System	linux	linux_kernel	< 6.2.9	Yes
Operating System	linux	linux_kernel	6.3	Yes
Operating System	linux	linux_kernel	6.3	Yes
Operating System	linux	linux_kernel	6.3	Yes

References

https://git.kernel.org/stable/c/02b296978a2137d7128151c542e84dc96400bc00 Patch (416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://git.kernel.org/stable/c/a63cce9393e4e7dbc5af82dc87e68cb321cb1a78 Patch (416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://git.kernel.org/stable/c/b3ef9e6fe09f1a132af28c623edcf4d4f39d9f35 Patch (416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://git.kernel.org/stable/c/f632a90f8e39db39b322107b9a8d438b826a7f4f Patch (416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://git.kernel.org/stable/c/f8502fba45bd30e1a6a354d9d898bc99d1a11e6d Patch (416baaa9-dc9f-4396-8d5f-8c081fb06d67)