In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix invalid address access in lookup_rec() when index is 0 KASAN reported follow problem: BUG: KASAN: use-after-free in lookup_rec Read of size 8 at addr ffff000199270ff0 by task modprobe CPU: 2 Comm: modprobe Call trace: kasan_report __asan_load8 lookup_rec ftrace_location arch_check_ftrace_location check_kprobe_address_safe register_kprobe When checking pg->records[pg->index - 1].ip in lookup_rec(), it can get a pg which is newly added to ftrace_pages_start in ftrace_process_locs(). Before the first pg->index++, index is 0 and accessing pg->records[-1].ip will cause this problem. Don't check the ip when pg->index is 0.

Metrics

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Linux
  • Linux Kernel

No data.

No data.

References
Link Providers
https://git.kernel.org/stable/c/2a0d71fabfeb349216d33f001a6421b1768bd3a9 cve-icon cve-icon
https://git.kernel.org/stable/c/2de28e5ce34b22b73b833a21e2c45ae3aade3964 cve-icon cve-icon
https://git.kernel.org/stable/c/4f84f31f63416b0f02fc146ffdc4ab32723eb7e8 cve-icon cve-icon
https://git.kernel.org/stable/c/7569ee04b0e3b32df79f64db3a7138573edad9bc cve-icon cve-icon
https://git.kernel.org/stable/c/83c3b2f4e7c61367c7b24551f4c6eb94bbdda283 cve-icon cve-icon
https://git.kernel.org/stable/c/ac58b88ccbbb8e9fb83e137cee04a856b1ea6635 cve-icon cve-icon
https://git.kernel.org/stable/c/ee92fa443358f4fc0017c1d0d325c27b37802504 cve-icon cve-icon
https://git.kernel.org/stable/c/f1bd8b7fd890d87d0dc4dedc6287ea34dd07c0b4 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025050215-CVE-2023-53075-6770@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2023-53075 cve-icon
https://www.cve.org/CVERecord?id=CVE-2023-53075 cve-icon
History

Mon, 05 May 2025 14:00:00 +0000

Type Values Removed Values Added
References
Metrics threat_severity

None

 cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

threat_severity

Moderate

Fri, 02 May 2025 16:00:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix invalid address access in lookup_rec() when index is 0 KASAN reported follow problem: BUG: KASAN: use-after-free in lookup_rec Read of size 8 at addr ffff000199270ff0 by task modprobe CPU: 2 Comm: modprobe Call trace: kasan_report __asan_load8 lookup_rec ftrace_location arch_check_ftrace_location check_kprobe_address_safe register_kprobe When checking pg->records[pg->index - 1].ip in lookup_rec(), it can get a pg which is newly added to ftrace_pages_start in ftrace_process_locs(). Before the first pg->index++, index is 0 and accessing pg->records[-1].ip will cause this problem. Don't check the ip when pg->index is 0.
Title ftrace: Fix invalid address access in lookup_rec() when index is 0
References
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-05-02T15:55:26.023Z

Updated: 2025-05-04T07:49:14.766Z

Reserved: 2025-05-02T15:51:43.549Z

Link: CVE-2023-53075

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Awaiting Analysis

Published: 2025-05-02T16:15:26.510

Modified: 2025-05-05T20:54:45.973

Link: CVE-2023-53075

cve-icon Redhat

Severity : Moderate

Publid Date: 2025-05-02T00:00:00Z

Links: CVE-2023-53075 - Bugzilla