-

CVE-2023-54046

EPSS 0.05%
Veröffentlicht 24.12.2025 12:22:57
Zuletzt bearbeitet 15.04.2026 00:35:42
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

crypto: essiv - Handle EBUSY correctly

In the Linux kernel, the following vulnerability has been resolved:

crypto: essiv - Handle EBUSY correctly

As it is essiv only handles the special return value of EINPROGERSS,
which means that in all other cases it will free data related to the
request.

However, as the caller of essiv may specify MAY_BACKLOG, we also need
to expect EBUSY and treat it in the same way.  Otherwise backlogged
requests will trigger a use-after-free.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 9

CNA 2 VulnDex Vulnerability Enrichment 8

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version be1eb7f78aa8fbe34779c56c266ccd0364604e71

Version < c61e7d182ee3f3f5ecf18a2964e303d49c539b52

Status affected

Version be1eb7f78aa8fbe34779c56c266ccd0364604e71

Version < 796e02cca30a67322161f0745e5ce994bbe75605

Status affected

Version be1eb7f78aa8fbe34779c56c266ccd0364604e71

Version < 840a1d3b77c1b062bd62b4733969a5b1efc274ce

Status affected

Version be1eb7f78aa8fbe34779c56c266ccd0364604e71

Version < a006aa3eedb8bfd6fe317c3cfe9c86ffe76b2385

Status affected

Version be1eb7f78aa8fbe34779c56c266ccd0364604e71

Version < 69c67d451fc19d88e54f7d97e8e7c093e08357e1

Status affected

Version be1eb7f78aa8fbe34779c56c266ccd0364604e71

Version < b5a772adf45a32c68bef28e60621f12617161556

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 5.4

Status affected

Version 0

Version < 5.4

Status unaffected

Version <= 5.4.*

Version 5.4.235

Status unaffected

Version <= 5.10.*

Version 5.10.173

Status unaffected

Version <= 5.15.*

Version 5.15.99

Status unaffected

Version <= 6.1.*

Version 6.1.16

Status unaffected

Version <= 6.2.*

Version 6.2.3

Status unaffected

Version <= *

Version 6.3

Status unaffected

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.05%	0.144

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/c61e7d182ee3f3f5ecf18a2964e303d49c539b52

https://git.kernel.org/stable/c/796e02cca30a67322161f0745e5ce994bbe75605

https://git.kernel.org/stable/c/840a1d3b77c1b062bd62b4733969a5b1efc274ce

https://git.kernel.org/stable/c/a006aa3eedb8bfd6fe317c3cfe9c86ffe76b2385

https://git.kernel.org/stable/c/69c67d451fc19d88e54f7d97e8e7c093e08357e1

https://git.kernel.org/stable/c/b5a772adf45a32c68bef28e60621f12617161556

https://nvd.nist.gov/vuln/detail/CVE-2023-54046

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-54046

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-54046

EUVD