CVE-2023-1079: 
Linux Kernel vulnerability analysis and mitigation

A use-after-free vulnerability (CVE-2023-1079) was discovered in the Linux kernel's ASUS HID driver, specifically in the asuskbdbacklight_set function. The vulnerability was discovered by Pietro Borrello and disclosed on March 1, 2023. The flaw affects the Linux kernel's handling of ASUS device removal, particularly when dealing with USB keyboard backlight functionality (OSS Security, Ubuntu Security).

The vulnerability occurs when a workstruct may be scheduled by the LED controller while the device is disconnecting, triggering a use-after-free on the struct asuskbdleds *led structure. The issue is similar to the previously known CVE-2023-25012. The fix involves using spinlocks to safely deal with workers by introducing a wrapper asusschedule_work() and several spinlock checks (Kernel Git).

The vulnerability could allow an attacker with physical access to cause memory corruption with controlled data. This could potentially lead to denial of service (system crash or memory corruption) or possibly allow arbitrary code execution in the kernel context (Ubuntu Security, Debian LTS).

The vulnerability has been fixed in the Linux kernel through a patch that implements proper spinlock protection. The fix has been merged into the Linux tree and backported to various distributions. Ubuntu and Debian have released security updates for affected versions (Ubuntu Security, Debian LTS).