Use-After-Free Vulnerability in Linux Kernel's HID-Bigbenff Driver

CVE-2023-25012 · MEDIUM Severity

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

The Linux kernel through 6.1.9 has a Use-After-Free in bigben_remove in drivers/hid/hid-bigbenff.c via a crafted USB device because the LED controllers remain registered for too long.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.