CVE-2023-1990: 
Linux Kernel vulnerability analysis and mitigation

A use-after-free flaw was found in ndlc_remove in drivers/nfc/st-nci/ndlc.c in the Linux Kernel, identified as CVE-2023-1990. The vulnerability was discovered by Zheng Wang and reported in March 2023. The issue affects the ST NCI NFC driver and occurs due to a race condition during device removal events (NVD, Ubuntu).

The vulnerability stems from a race condition in the st-nci NFC adapter driver's ndlcremove function. The issue arises when there's a potential race between the work queue execution and driver removal, which could lead to a use-after-free condition. The bug affects both stncii2cremove and stncispi_remove functions. The CVSS 3 Severity Score for this vulnerability is 4.7 (Medium) (Ubuntu, Kernel Patch).

A physically proximate attacker could potentially exploit this vulnerability to cause a denial of service through a system crash. The impact is limited as this driver is not enabled in some distributions' official kernel configurations, such as Debian (Debian LTS).

The issue has been fixed by modifying the ndlcremove function to ensure proper synchronization of work queues before cleanup. The fix involves adding cancelworksync(&ndlc->smwork) before stnciremove(ndlc->ndev) in the removal process. Multiple Linux distributions have released patches, including Ubuntu (various versions) and Debian (in versions 5.10.234-1 for bullseye and 6.1.128-1 for bookworm) (Kernel Patch, Debian Security).