CVE-2023-52983
Published: 27 March 2025
Summary
CVE-2023-52983 is a high-severity Use After Free (CWE-416) vulnerability in the Linux kernel. Its CVSS base score is 7.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The CVE ranks at the 8.1th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and RA-5 (Vulnerability Monitoring and Scanning).
Deeper analysis
CVE-2023-52983 is a use-after-free vulnerability (CWE-416) in the Linux kernel's BFQ block IO scheduler. The issue arises in the bic_set_bfqq() function within the block/bfq component, where bic->bfqq is accessed after being freed in certain contexts. This stems from changes introduced by commit 64dc8c732f5c ("block, bfq: fix possible uaf for 'bfqq->bic'"), leading to potential use-after-free conditions during bfqq handling.
A local attacker with low privileges (PR:L) can exploit this vulnerability with low attack complexity (AC:L) and no user interaction (UI:N), in a local attack vector (AV:L) with unchanged scope (S:U). Exploitation could result in high impacts to confidentiality, integrity, and availability (C:H/I:H/A:H), as indicated by the CVSS 3.1 base score of 7.8.
Mitigation requires applying the relevant stable kernel patches, available via the following git.kernel.org commits: 511c922c5bf6c8a166bea826e702336bc2424140, 7f77f3dab5066a7c9da73d72d1eee895ff84a8d5, b600de2d7d3a16f9007fad1bdae82a3951a26af2, and cb1876fc33af26d00efdd473311f1b664c77c44e. These patches resolve the issue by ensuring bfqq is always freed after bic_set_bfqq().
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-59737
Vulnerability details
In the Linux kernel, the following vulnerability has been resolved:

block, bfq: fix uaf for bfqq in bic_set_bfqq()

After commit 64dc8c732f5c ("block, bfq: fix possible uaf for 'bfqq->bic'"), bic->bfqq will be accessed in bic_set_bfqq(), however, in some context bic->bfqq will be freed, and bic_set_bfqq() is called with the freed bic->bfqq. Fix the problem by always freeing bfqq after bic_set_bfqq().
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
A use-after-free in the Linux kernel BFQ scheduler lets a local, low-privileged attacker escalate privileges, with high impact on confidentiality, integrity, and availability.
Mitigating Controls
Mitigating Controls (NIST 800-53 r5)
Directly remediates the use-after-free vulnerability by requiring timely application of the specified Linux kernel patches to eliminate the flaw in the BFQ scheduler.
Provides memory protections such as KASLR and SMEP that hinder exploitation of the use-after-free in the kernel's bic_set_bfqq() function even if unpatched.
Vulnerability scanning detects systems with vulnerable Linux kernel versions affected by CVE-2023-52983 in the BFQ block IO scheduler.