{"id":"CVE-2023-52983","summary":"block, bfq: fix uaf for bfqq in bic_set_bfqq()","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nblock, bfq: fix uaf for bfqq in bic_set_bfqq()\n\nAfter commit 64dc8c732f5c (\"block, bfq: fix possible uaf for 'bfqq-\u003ebic'\"),\nbic-\u003ebfqq will be accessed in bic_set_bfqq(), however, in some context\nbic-\u003ebfqq will be freed, and bic_set_bfqq() is called with the freed\nbic-\u003ebfqq.\n\nFix the problem by always freeing bfqq after bic_set_bfqq().","modified":"2026-04-02T09:43:32.264700Z","published":"2025-03-27T16:43:21.372Z","related":["SUSE-SU-2025:1176-1","SUSE-SU-2025:1183-1","SUSE-SU-2025:1195-1","SUSE-SU-2025:1241-1","SUSE-SU-2026:0475-1","SUSE-SU-2026:0495-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52983.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/511c922c5bf6c8a166bea826e702336bc2424140"},{"type":"WEB","url":"https://git.kernel.org/stable/c/7f77f3dab5066a7c9da73d72d1eee895ff84a8d5"},{"type":"WEB","url":"https://git.kernel.org/stable/c/b600de2d7d3a16f9007fad1bdae82a3951a26af2"},{"type":"WEB","url":"https://git.kernel.org/stable/c/cb1876fc33af26d00efdd473311f1b664c77c44e"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52983.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-52983"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"5533742c7cb1bc9b1f0bf401cc397d44a3a9e07a"},{"fixed":"7f77f3dab5066a7c9da73d72d1eee895ff84a8d5"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"094f3d9314d67691cb21ba091c1b528f6e3c4893"},{"fixed":"511c922c5bf6c8a166bea826e702336bc2424140"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"761564d93c8265f65543acf0a576b32d66bfa26a"},{"fixed":"cb1876fc33af26d00efdd473311f1b664c77c44e"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"64dc8c732f5c2b406cc752e6aaa1bd5471159cab"},{"fixed":"b600de2d7d3a16f9007fad1bdae82a3951a26af2"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"0"},{"last_affected":"b22fd72bfebda3956efc4431b60ddfc0a51e03e0"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-52983.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}