
Cloud Vulnerability DB
A community-led vulnerabilities database
A use-after-free vulnerability was discovered in the Linux kernel's Intel ISH HID driver (CVE-2023-53039). When a reset notify IPC message is received, the ISR schedules a work function and passes the ISHTP device to it via a global pointer, ishtp_dev (NVD, Debian Tracker).
The vulnerability manifests when ish_probe() fails: the devm-managed device resources, including ishtp_dev, are freed, but the pending work is not cancelled. When the work function later runs and dereferences the freed ishtp_dev pointer, a use-after-free occurs. The issue has been assigned a CVSS v3.1 base score of 5.5 with vector AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (Red Hat).
The vulnerability could lead to system instability or a denial of service when exploited by a local, low-privileged user, as indicated by the CVSS metrics showing high availability impact but no confidentiality or integrity impact (Red Hat).
The vulnerability has been fixed by using devm_work_autocancel() to initialise the work, so that it is automatically cancelled if probe fails. Fixed versions are available in various Linux distributions: Debian bookworm (6.1.137-1), trixie, and sid (6.12.27-1) contain the fix, while older versions remain vulnerable (Debian Tracker).
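The following is an added example, not code from the kernel or the intel-ish-hid driver: a small user-space model of the probe-failure ordering described above. The names ishtp_dev, ish_probe and devm_work_autocancel mirror the advisory, but every structure and function here is a simplified stand-in, and the device object lives in static storage and is "poisoned" rather than actually freed so the model can observe the dangling access without undefined behaviour. It runs the probe-then-fail sequence once with a plain work initialisation (the vulnerable pattern) and once with the work registered for devm auto-cancellation (the fix), and counts how many times the work function finds the device already released.

```c
#include <stdbool.h>
#include <stdio.h>

typedef void (*work_fn_t)(void);
typedef void (*devm_action_t)(void *data);

struct work_struct {
    work_fn_t func;
    bool pending;            /* set by schedule_work(), cleared when run or cancelled */
};

/* devres model (hypothetical): actions run in reverse registration order on failure */
#define MAX_ACTIONS 8
struct device {
    devm_action_t action[MAX_ACTIONS];
    void *data[MAX_ACTIONS];
    int n;
};

#define ISHTP_LIVE  0x1574
#define ISHTP_FREED 0xdead
struct ishtp_device {
    int magic;               /* poisoned when devm "frees" the object */
    struct work_struct work;
};

/* Static storage instead of malloc: the object stays readable after "free",
 * and the poison value stands in for the crash a real dangling access causes. */
static struct ishtp_device ishtp_storage;
static struct ishtp_device *ishtp_dev;   /* the global pointer the work relies on */
static int uaf_detected;

static void devm_add_action(struct device *dev, devm_action_t fn, void *data)
{
    if (dev->n < MAX_ACTIONS) {
        dev->action[dev->n] = fn;
        dev->data[dev->n] = data;
        dev->n++;
    }
}

static void devres_release_all(struct device *dev)
{
    while (dev->n > 0) {          /* LIFO, like the kernel's devres unwind */
        dev->n--;
        dev->action[dev->n](dev->data[dev->n]);
    }
}

/* workqueue model: one deferred item, executed later by run_pending_work() */
static void init_work(struct work_struct *w, work_fn_t fn) { w->func = fn; w->pending = false; }
static void schedule_work(struct work_struct *w) { w->pending = true; }
static void cancel_work_sync(void *data) { ((struct work_struct *)data)->pending = false; }
static void run_pending_work(struct work_struct *w)
{
    if (w->pending) { w->pending = false; w->func(); }
}

/* The fix: initialise the work and register its cancellation with devres, so it
 * is cancelled before any resource registered earlier (the device) is released. */
static void devm_work_autocancel(struct device *dev, struct work_struct *w, work_fn_t fn)
{
    init_work(w, fn);
    devm_add_action(dev, cancel_work_sync, w);
}

static void release_ishtp_dev(void *data)
{
    ((struct ishtp_device *)data)->magic = ISHTP_FREED;
}

static struct ishtp_device *devm_ishtp_alloc(struct device *dev)
{
    ishtp_storage.magic = ISHTP_LIVE;
    devm_add_action(dev, release_ishtp_dev, &ishtp_storage);
    return &ishtp_storage;
}

/* Deferred reset handler: reaches the device only through the global pointer. */
static void ish_reset_work_fn(void)
{
    if (ishtp_dev->magic != ISHTP_LIVE) {
        uaf_detected++;          /* in the real driver this is the use-after-free */
        return;
    }
    /* reset handling on a live device would go here */
}

/* ISR path for a reset-notify IPC message: only defers to the work item. */
static void ish_irq_reset_notify(void) { schedule_work(&ishtp_dev->work); }

/* Probe that fails after the ISR has already queued the work. Returns the
 * number of dangling accesses observed (0 is the fixed behaviour). */
int ish_probe_then_fail(bool fixed)
{
    struct device pdev = { .n = 0 };
    uaf_detected = 0;

    ishtp_dev = devm_ishtp_alloc(&pdev);
    if (fixed)
        devm_work_autocancel(&pdev, &ishtp_dev->work, ish_reset_work_fn);
    else
        init_work(&ishtp_dev->work, ish_reset_work_fn);   /* vulnerable: plain INIT_WORK */

    ish_irq_reset_notify();       /* reset notify arrives mid-probe */
    devres_release_all(&pdev);    /* a later probe step fails: devm unwinds */

    /* probe has returned; the workqueue now drains whatever is still pending */
    run_pending_work(&ishtp_storage.work);
    return uaf_detected;
}

int main(void)
{
    printf("vulnerable: %d dangling access(es)\n", ish_probe_then_fail(false));
    printf("fixed:      %d dangling access(es)\n", ish_probe_then_fail(true));
    return 0;
}
```

The ordering is the whole point: devres releases in reverse registration order, so registering the cancel action after the device allocation guarantees the work is flushed before the memory it dereferences goes away. A plain INIT_WORK leaves nothing on the unwind list, and the still-queued item runs against a pointer that probe's failure path has already released.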
Source: This report was generated using AI