๐Ÿ” CVE Alert

CVE-2023-53479

UNKNOWN 0.0

cxl/acpi: Fix a use-after-free in cxl_parse_cfmws()

CVSS Score: 0.0
EPSS Score: 0.0%
EPSS Percentile: 0th

In the Linux kernel, the following vulnerability has been resolved:

cxl/acpi: Fix a use-after-free in cxl_parse_cfmws()

KASAN and KFENCE detected a use-after-free in the CXL driver. This happens in the cxl_decoder_add() fail path. KASAN prints the following error:

BUG: KASAN: slab-use-after-free in cxl_parse_cfmws (drivers/cxl/acpi.c:299)

This happens in cxl_parse_cfmws(), where put_device() is called, releasing cxld, which is accessed later.

Use the local variables in the dev_err() instead of pointing to the released memory. Since the dev_err() is printing a resource, change the open coded print format to use the %pr format specifier.
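The ordering the fix relies on, shown as an added userspace model (not the kernel patch and not code from this advisory): the error message is built from a local copy of the range, so nothing reads the object after the final put. All names here (`decoder_put`, `parse_window`, `last_msg`) and the failure rule are hypothetical stand-ins for `put_device()`, `cxl_parse_cfmws()` and `dev_err()`.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/* Userspace model: names are hypothetical stand-ins, not kernel symbols. */
struct range { unsigned long long start, end; };
struct decoder { int refs; struct range hpa; };
static int live_decoders;   /* objects not yet freed */
static char last_msg[96];   /* stands in for the dev_err() output */

static struct decoder *decoder_alloc(struct range r)
{
    struct decoder *d = malloc(sizeof(*d));
    if (!d)
        return NULL;
    d->refs = 1;
    d->hpa = r;
    live_decoders++;
    return d;
}

/* Last put poisons and frees the object, as put_device() may release cxld. */
static void decoder_put(struct decoder *d)
{
    if (--d->refs == 0) {
        memset(d, 0xA5, sizeof(*d));
        free(d);
        live_decoders--;
    }
}

/* Constructed failure rule: reject a window whose end precedes its start. */
static int decoder_add(const struct decoder *d)
{
    return d->hpa.end < d->hpa.start ? -22 /* EINVAL */ : 0;
}

/* Fail path formats the message from the local copy r only; the buggy
 * ordering would read d->hpa here, after decoder_put() freed d. */
static int parse_window(struct range r)
{
    struct decoder *d = decoder_alloc(r);
    int rc = d ? decoder_add(d) : -12 /* ENOMEM */;
    last_msg[0] = '\0';
    if (d)
        decoder_put(d);   /* d must not be dereferenced below this line */
    if (rc)
        snprintf(last_msg, sizeof(last_msg),
                 "failed to add decoder [%#llx-%#llx]: %d", r.start, r.end, rc);
    return rc;
}
```

Because the last put poisons the object before freeing it, a message formatted from `d->hpa` after `decoder_put()` would be a read of freed memory, which is the access KASAN reported in the kernel case.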

Vendor linux
Product linux
Ecosystems
Industries
Technology
Published Oct 1, 2025
Last Updated May 11, 2026

Affected Versions

Linux / Linux
e50fe01e1f2a4aba2275edee7d5c77ac87674ddb < 748fadc08bcbdaf573b34d9784bb3dbd87441dbf
e50fe01e1f2a4aba2275edee7d5c77ac87674ddb < 316db489647b8ddc381682597e89787eac61a278
e50fe01e1f2a4aba2275edee7d5c77ac87674ddb < 4cf67d3cc9994a59cf77bb9c0ccf9007fe916afe
Linux / Linux
6.0

References

git.kernel.org: https://git.kernel.org/stable/c/748fadc08bcbdaf573b34d9784bb3dbd87441dbf
git.kernel.org: https://git.kernel.org/stable/c/316db489647b8ddc381682597e89787eac61a278
git.kernel.org: https://git.kernel.org/stable/c/4cf67d3cc9994a59cf77bb9c0ccf9007fe916afe