-

CVE-2023-54083

EPSS 0.04%
Veröffentlicht 24.12.2025 13:06:14
Zuletzt bearbeitet 15.04.2026 00:35:42
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

phy: tegra: xusb: Clear the driver reference in usb-phy dev

In the Linux kernel, the following vulnerability has been resolved:

phy: tegra: xusb: Clear the driver reference in usb-phy dev

For the dual-role port, it will assign the phy dev to usb-phy dev and
use the port dev driver as the dev driver of usb-phy.

When we try to destroy the port dev, it will destroy its dev driver
as well. But we did not remove the reference from usb-phy dev. This
might cause the use-after-free issue in KASAN.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 8

CNA 2 VulnDex Vulnerability Enrichment 7

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version e8f7d2f409a15c519d5a6085777d85c1c4bab73a

Version < b6a107c52073496d2e5d2837915f59fb3103832f

Status affected

Version e8f7d2f409a15c519d5a6085777d85c1c4bab73a

Version < b84998a407a882991916b1a61d987c400d8a0ce6

Status affected

Version e8f7d2f409a15c519d5a6085777d85c1c4bab73a

Version < 238edc04ddb9d272b38f5419bcd419ad3b92b91b

Status affected

Version e8f7d2f409a15c519d5a6085777d85c1c4bab73a

Version < 82187460347ad58fd6b06d2883da73c3f2df9631

Status affected

Version e8f7d2f409a15c519d5a6085777d85c1c4bab73a

Version < c0c2fcb1325d0d4f3b322b5ee49385f8eca2560d

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 5.7

Status affected

Version 0

Version < 5.7

Status unaffected

Version <= 5.10.*

Version 5.10.188

Status unaffected

Version <= 5.15.*

Version 5.15.121

Status unaffected

Version <= 6.1.*

Version 6.1.39

Status unaffected

Version <= 6.4.*

Version 6.4.4

Status unaffected

Version <= *

Version 6.5

Status unaffected

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.101

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/b6a107c52073496d2e5d2837915f59fb3103832f

https://git.kernel.org/stable/c/b84998a407a882991916b1a61d987c400d8a0ce6

https://git.kernel.org/stable/c/238edc04ddb9d272b38f5419bcd419ad3b92b91b

https://git.kernel.org/stable/c/82187460347ad58fd6b06d2883da73c3f2df9631

https://git.kernel.org/stable/c/c0c2fcb1325d0d4f3b322b5ee49385f8eca2560d

https://nvd.nist.gov/vuln/detail/CVE-2023-54083

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-54083

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-54083

EUVD