CVE-2023-35827: 
Linux Kernel vulnerability analysis and mitigation

A use-after-free vulnerability (CVE-2023-35827) was discovered in the Linux kernel through version 6.3.8. The vulnerability exists in the ravbremove function within drivers/net/ethernet/renesas/ravbmain.c, specifically in the Renesas Ethernet AVB driver. The issue was discovered by Zheng Wang and was publicly disclosed on June 18, 2023 (NVD, MITRE).

The vulnerability occurs due to a race condition in the Renesas Ethernet AVB driver when removing the module before cleanup. In ravbprobe, priv->work is bound with ravbtxtimeoutwork, and if a timeout occurs while ravb_remove is called without finishing the work, it can lead to a use-after-free condition on the network device (ndev). The vulnerability has been assigned a CVSS v3.1 base score of 7.0 (HIGH) with the vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H (NVD).

Successful exploitation of this vulnerability could lead to disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS). The vulnerability requires local access and high complexity to exploit, but could result in high impacts to confidentiality, integrity, and availability (NetApp Advisory).

Multiple Linux distributions have released patches to address this vulnerability. Ubuntu has fixed this in various kernel versions including 5.15.0-94.104 for 22.04 LTS, 5.4.0-171.189 for 20.04 LTS, and 4.15.0-232.244 for 18.04 LTS. Debian has also addressed this in version 5.10.205-2~deb10u1 for Debian 10 (Debian LTS).