-

CVE-2023-54044

EPSS 0.05%
Veröffentlicht 24.12.2025 12:22:56
Zuletzt bearbeitet 29.12.2025 15:58:34
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

spmi: Add a check for remove callback when removing a SPMI driver

When removing a SPMI driver, there can be a crash due to NULL pointer
dereference if it does not have a remove callback defined. This is
one such call trace observed when removing the QCOM SPMI PMIC driver:

 dump_backtrace.cfi_jt+0x0/0x8
 dump_stack_lvl+0xd8/0x16c
 panic+0x188/0x498
 __cfi_slowpath+0x0/0x214
 __cfi_slowpath+0x1dc/0x214
 spmi_drv_remove+0x16c/0x1e0
 device_release_driver_internal+0x468/0x79c
 driver_detach+0x11c/0x1a0
 bus_remove_driver+0xc4/0x124
 driver_unregister+0x58/0x84
 cleanup_module+0x1c/0xc24 [qcom_spmi_pmic]
 __do_sys_delete_module+0x3ec/0x53c
 __arm64_sys_delete_module+0x18/0x28
 el0_svc_common+0xdc/0x294
 el0_svc+0x38/0x9c
 el0_sync_handler+0x8c/0xf0
 el0_sync+0x1b4/0x1c0

If a driver has all its resources allocated through devm_() APIs and
does not need any other explicit cleanup, it would not require a
remove callback to be defined. Hence, add a check for remove callback
presence before calling it when removing a SPMI driver.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 12

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < b95a69214daea4aab1c8bad96571d988a62e2c97

Version 5a86bf343976b9c8ab2f240bc866451fa67e5573

Status affected

Version < 699949219e35fe29fd42ccf8cd92c989c3d15109

Version 5a86bf343976b9c8ab2f240bc866451fa67e5573

Status affected

Version < 54dda732225555dc6d660e95793c54a0a44b612c

Version 5a86bf343976b9c8ab2f240bc866451fa67e5573

Status affected

Version < c45ab3ab9c371c9ac22bbe1217e5abb2e55a3d4b

Version 5a86bf343976b9c8ab2f240bc866451fa67e5573

Status affected

Version < ee0b6146317a98bfec848d7bde5586beb245a38f

Version 5a86bf343976b9c8ab2f240bc866451fa67e5573

Status affected

Version < 428cc252701d6864151f3a296ffc23e1e49a7408

Version 5a86bf343976b9c8ab2f240bc866451fa67e5573

Status affected

Version < af763c29b9e7040fedd0077bca053b101438a3a4

Version 5a86bf343976b9c8ab2f240bc866451fa67e5573

Status affected

Version < 0f3ef30c1c05502f5de3b73b3715d5994845c1b4

Version 5a86bf343976b9c8ab2f240bc866451fa67e5573

Status affected

Version < b56eef3e16d888883fefab47425036de80dd38fc

Version 5a86bf343976b9c8ab2f240bc866451fa67e5573

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 3.15

Status affected

Version < 3.15

Version 0

Status unaffected

Version <= 4.14.*

Version 4.14.315

Status unaffected

Version <= 4.19.*

Version 4.19.283

Status unaffected

Version <= 5.4.*

Version 5.4.243

Status unaffected

Version <= 5.10.*

Version 5.10.180

Status unaffected

Version <= 5.15.*

Version 5.15.111

Status unaffected

Version <= 6.1.*

Version 6.1.28

Status unaffected

Version <= 6.2.*

Version 6.2.15

Status unaffected

Version <= 6.3.*

Version 6.3.2

Status unaffected

Version <= *

Version 6.4

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.05%	0.146

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/b95a69214daea4aab1c8bad96571d988a62e2c97

https://git.kernel.org/stable/c/699949219e35fe29fd42ccf8cd92c989c3d15109

https://git.kernel.org/stable/c/54dda732225555dc6d660e95793c54a0a44b612c

https://git.kernel.org/stable/c/c45ab3ab9c371c9ac22bbe1217e5abb2e55a3d4b

https://git.kernel.org/stable/c/ee0b6146317a98bfec848d7bde5586beb245a38f

https://git.kernel.org/stable/c/428cc252701d6864151f3a296ffc23e1e49a7408

https://git.kernel.org/stable/c/af763c29b9e7040fedd0077bca053b101438a3a4

https://git.kernel.org/stable/c/0f3ef30c1c05502f5de3b73b3715d5994845c1b4

https://git.kernel.org/stable/c/b56eef3e16d888883fefab47425036de80dd38fc

https://nvd.nist.gov/vuln/detail/CVE-2023-54044

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-54044

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-54044

EUVD