{"id":"CVE-2023-23039","details":"An issue was discovered in the Linux kernel through 6.2.0-rc2. drivers/tty/vcc.c has a race condition and resultant use-after-free if a physically proximate attacker removes a VCC device while calling open(), aka a race condition between vcc_open() and vcc_remove().","modified":"2026-03-14T12:02:13.430256Z","published":"2023-02-22T17:15:11.997Z","references":[{"type":"FIX","url":"https://lkml.org/lkml/2023/1/1/169"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-23039.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"6.2.0"}]},{"events":[{"introduced":"0"},{"last_affected":"6.2.0-rc1"}]},{"events":[{"introduced":"0"},{"last_affected":"6.2.0-rc2"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H"}]}