Home

Description

In the Linux kernel, the following vulnerability has been resolved: ubi: Fix possible null-ptr-deref in ubi_free_volume() It willl cause null-ptr-deref in the following case: uif_init() ubi_add_volume() cdev_add() -> if it fails, call kill_volumes() device_register() kill_volumes() -> if ubi_add_volume() fails call this function ubi_free_volume() cdev_del() device_unregister() -> trying to delete a not added device, it causes null-ptr-deref So in ubi_free_volume(), it delete devices whether they are added or not, it will causes null-ptr-deref. Handle the error case whlie calling ubi_add_volume() to fix this problem. If add volume fails, set the corresponding vol to null, so it can not be accessed in kill_volumes() and release the resource in ubi_add_volume() error path.

PUBLISHED Reserved 2025-12-24 | Published 2025-12-24 | Updated 2025-12-24 | Assigner Linux

Product status

Default status
unaffected

801c135ce73d5df1caf3eca35b66a10824ae0707 (git) before 5558bcf1c58720ca6e9d6198d921cb3aa337f038
affected

801c135ce73d5df1caf3eca35b66a10824ae0707 (git) before 45b2c5ca4d2edae70f19fdb086bd927840c4c309
affected

801c135ce73d5df1caf3eca35b66a10824ae0707 (git) before 234c53e57424992e657e6f4acc00d3df0983176f
affected

801c135ce73d5df1caf3eca35b66a10824ae0707 (git) before fcbc795abe7897da4b5d2a6ab5010e36774b00c2
affected

801c135ce73d5df1caf3eca35b66a10824ae0707 (git) before 5ec4c8aca5a221756a9007deadfea92795319fee
affected

801c135ce73d5df1caf3eca35b66a10824ae0707 (git) before 2ea7195b195009ecf0046e55361f393ba96d02db
affected

801c135ce73d5df1caf3eca35b66a10824ae0707 (git) before 9eccdb0760cbcb4427b5303a83a3007de998af51
affected

801c135ce73d5df1caf3eca35b66a10824ae0707 (git) before c15859bfd326c10230f09cb48a17f8a35f190342
affected

Default status
affected

2.6.22
affected

Any version before 2.6.22
unaffected

4.14.308 (semver)
unaffected

4.19.276 (semver)
unaffected

5.4.235 (semver)
unaffected

5.10.173 (semver)
unaffected

5.15.100 (semver)
unaffected

6.1.18 (semver)
unaffected

6.2.5 (semver)
unaffected

6.3 (original_commit_for_fix)
unaffected

References

git.kernel.org/...c/5558bcf1c58720ca6e9d6198d921cb3aa337f038

git.kernel.org/...c/45b2c5ca4d2edae70f19fdb086bd927840c4c309

git.kernel.org/...c/234c53e57424992e657e6f4acc00d3df0983176f

git.kernel.org/...c/fcbc795abe7897da4b5d2a6ab5010e36774b00c2

git.kernel.org/...c/5ec4c8aca5a221756a9007deadfea92795319fee

git.kernel.org/...c/2ea7195b195009ecf0046e55361f393ba96d02db

git.kernel.org/...c/9eccdb0760cbcb4427b5303a83a3007de998af51

git.kernel.org/...c/c15859bfd326c10230f09cb48a17f8a35f190342

cve.org (CVE-2023-54087)

nvd.nist.gov (CVE-2023-54087)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.