CVE-2023-54244
Description
In the Linux kernel, the following vulnerability has been resolved:
ACPI: EC: Fix oops when removing custom query handlers
When removing custom query handlers, the handler might still be used inside the EC query workqueue, causing a kernel oops if the module holding the callback function was already unloaded.
Fix this by flushing the EC query workqueue when removing custom query handlers.
Tested on an Acer Travelmate 4002WLMi.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A use-after-free in the Linux kernel's ACPI EC driver can cause a kernel oops when removing custom query handlers if the handler is still queued.
Vulnerability
CVE-2023-54244 is a use-after-free vulnerability in the Linux kernel's ACPI Embedded Controller (EC) driver. When a custom query handler is removed, the handler might still be used inside the EC query workqueue, causing a kernel oops if the module holding the callback function was already unloaded [1]. The root cause is that the removal of custom query handlers does not properly synchronize with the workqueue that may still be executing the handler.
Exploitation
An attacker would need to have the ability to load and unload kernel modules that register custom ACPI EC query handlers. This typically requires root privileges or the ability to trigger module unloading. The attack surface is limited to systems where such custom handlers are in use, and the prerequisite is that the handler's module is unloaded while a query is still pending or being processed.
Impact
If successfully triggered, the vulnerability leads to a kernel oops (a type of crash), which can cause a denial of service (system hang or reboot). There is no evidence of privilege escalation or data corruption described in the source material; the impact is limited to availability.
Mitigation
The fix, committed to the Linux kernel stable tree, flushes the EC query workqueue before removing custom query handlers, ensuring no handler callbacks are in flight [1][2][3]. Users should apply the corresponding kernel patch or update to a kernel version containing the fix. No workaround is mentioned in the references.
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
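The ordering problem described under Vulnerability and Mitigation, shown as an added example that is not kernel code and not part of this CVE record or its patches: a single-threaded user-space C model in which queued work still points at a handler when its module is unloaded. All names (handler, workqueue, queue_query, flush_queue, simulate) are hypothetical, and the module_loaded flag is an assumption standing in for the callback's code still being present.

```c
/* Constructed user-space model, not kernel code: queued work keeps a
 * pointer to a handler whose owning module may be unloaded meanwhile. */
#include <stdbool.h>
#include <stddef.h>
#define MAX_WORK 8

struct handler {              /* hypothetical stand-in for a query handler */
    bool module_loaded;       /* false once the owning module is unloaded */
    int calls;                /* callbacks that ran while code was present */
};

struct workqueue {            /* hypothetical stand-in for the query workqueue */
    struct handler *pending[MAX_WORK];
    size_t n;
    int stale_calls;          /* callbacks into unloaded code (the oops case) */
};

static bool queue_query(struct workqueue *wq, struct handler *h)
{
    if (wq->n == MAX_WORK)
        return false;         /* queue full: drop rather than overflow */
    wq->pending[wq->n++] = h;
    return true;
}

/* Run all pending work; record, instead of executing, any stale callback. */
static void flush_queue(struct workqueue *wq)
{
    for (size_t i = 0; i < wq->n; i++) {
        if (wq->pending[i]->module_loaded)
            wq->pending[i]->calls++;
        else
            wq->stale_calls++;
    }
    wq->n = 0;
}

/* Returns stale callbacks seen when two queries are pending at removal. */
int simulate(bool flush_before_remove)
{
    struct workqueue wq = {0};
    struct handler h = { .module_loaded = true, .calls = 0 };
    queue_query(&wq, &h);
    queue_query(&wq, &h);
    if (flush_before_remove)
        flush_queue(&wq);     /* fixed ordering: drain work, then remove */
    h.module_loaded = false;  /* handler removed and module unloaded */
    flush_queue(&wq);         /* worker later runs whatever is still queued */
    return wq.stale_calls;
}
```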
Affected products (1)
Patches (8)
- 130e3eac5191
- 0d528a7c421b
- ccae2233e993
- 066b90bca755
- f4a573eed637
- 86a159fd5bdb
- fd2c99e81ae0
- e5b492c6bb90
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References (8)
- git.kernel.org/stable/c/066b90bca755f0b876e7b027b75d1796861d6db0 (nvd)
- git.kernel.org/stable/c/0d528a7c421b1f1772fc1d29370b3b5fc0f42b19 (nvd)
- git.kernel.org/stable/c/130e3eac51912f2c866e7d035992ede25f8feac0 (nvd)
- git.kernel.org/stable/c/86a159fd5bdb01ec34b160cfda1a313b616d9302 (nvd)
- git.kernel.org/stable/c/ccae2233e9935a038a35fe8cfd703df905f700e7 (nvd)
- git.kernel.org/stable/c/e5b492c6bb900fcf9722e05f4a10924410e170c1 (nvd)
- git.kernel.org/stable/c/f4a573eed6377d356f835a4b00099d5dacee0da0 (nvd)
- git.kernel.org/stable/c/fd2c99e81ae0dbdd62a154ef9c77fc01715cc020 (nvd)