CVE-2023-54083 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: phy: tegra: xusb: Clear the driver reference in usb-phy dev For the dual-role port, it will assign the phy dev to usb-phy dev and use the port dev driver as the dev driver of usb-phy. When we try to destroy the port dev, it will destroy its dev driver as well. But we did not remove the reference from usb-phy dev. This might cause the use-after-free issue in KASAN.

PUBLISHED Reserved 2025-12-24 | Published 2025-12-24 | Updated 2025-12-24 | Assigner Linux

Product status

Default status

unaffected

e8f7d2f409a15c519d5a6085777d85c1c4bab73a (git) before b6a107c52073496d2e5d2837915f59fb3103832f

affected

e8f7d2f409a15c519d5a6085777d85c1c4bab73a (git) before b84998a407a882991916b1a61d987c400d8a0ce6

affected

e8f7d2f409a15c519d5a6085777d85c1c4bab73a (git) before 238edc04ddb9d272b38f5419bcd419ad3b92b91b

affected

e8f7d2f409a15c519d5a6085777d85c1c4bab73a (git) before 82187460347ad58fd6b06d2883da73c3f2df9631

affected

e8f7d2f409a15c519d5a6085777d85c1c4bab73a (git) before c0c2fcb1325d0d4f3b322b5ee49385f8eca2560d

affected

Default status

affected

5.7

affected

Any version before 5.7

unaffected

5.10.188 (semver)

unaffected

5.15.121 (semver)

unaffected

6.1.39 (semver)

unaffected

6.4.4 (semver)

unaffected

6.5 (original_commit_for_fix)

unaffected

References

git.kernel.org/...c/b6a107c52073496d2e5d2837915f59fb3103832f

git.kernel.org/...c/b84998a407a882991916b1a61d987c400d8a0ce6

git.kernel.org/...c/238edc04ddb9d272b38f5419bcd419ad3b92b91b

git.kernel.org/...c/82187460347ad58fd6b06d2883da73c3f2df9631

git.kernel.org/...c/c0c2fcb1325d0d4f3b322b5ee49385f8eca2560d

cve.org (CVE-2023-54083)

nvd.nist.gov (CVE-2023-54083)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.

help @ threatint.eu