-

CVE-2023-54186

EPSS 0.04%
Veröffentlicht 30.12.2025 12:08:55
Zuletzt bearbeitet 31.12.2025 20:43:05
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

usb: typec: altmodes/displayport: fix pin_assignment_show

This patch fixes negative indexing of buf array in pin_assignment_show
when get_current_pin_assignments returns 0 i.e. no compatible pin
assignments are found.

BUG: KASAN: use-after-free in pin_assignment_show+0x26c/0x33c
...
Call trace:
dump_backtrace+0x110/0x204
dump_stack_lvl+0x84/0xbc
print_report+0x358/0x974
kasan_report+0x9c/0xfc
__do_kernel_fault+0xd4/0x2d4
do_bad_area+0x48/0x168
do_tag_check_fault+0x24/0x38
do_mem_abort+0x6c/0x14c
el1_abort+0x44/0x68
el1h_64_sync_handler+0x64/0xa4
el1h_64_sync+0x78/0x7c
pin_assignment_show+0x26c/0x33c
dev_attr_show+0x50/0xc0

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 10

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 0e61a7432fcd4bca06f05b7f1c7d7cb461880fe2

Version 0e3bb7d6894d9b6e67d6382bb03a46a1dc989588

Status affected

Version < 4f9c0a7c272626cb6716ffc7800e8c73260cdce6

Version 0e3bb7d6894d9b6e67d6382bb03a46a1dc989588

Status affected

Version < ff466f77d0a56719979c4234abd412abd98eae8f

Version 0e3bb7d6894d9b6e67d6382bb03a46a1dc989588

Status affected

Version < fc0e18f95c88435bd8a1ceb540243cd7fbcd9781

Version 0e3bb7d6894d9b6e67d6382bb03a46a1dc989588

Status affected

Version < 08bd1be1c716fd50a7df48f82dcbc59a103082b5

Version 0e3bb7d6894d9b6e67d6382bb03a46a1dc989588

Status affected

Version < 54ee23e4ab263a495ace1eed43d3883212ece17f

Version 0e3bb7d6894d9b6e67d6382bb03a46a1dc989588

Status affected

Version < d8f28269dd4bf9b55c3fb376ae31512730a96fce

Version 0e3bb7d6894d9b6e67d6382bb03a46a1dc989588

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 4.19

Status affected

Version < 4.19

Version 0

Status unaffected

Version <= 4.19.*

Version 4.19.284

Status unaffected

Version <= 5.4.*

Version 5.4.244

Status unaffected

Version <= 5.10.*

Version 5.10.181

Status unaffected

Version <= 5.15.*

Version 5.15.113

Status unaffected

Version <= 6.1.*

Version 6.1.30

Status unaffected

Version <= 6.3.*

Version 6.3.4

Status unaffected

Version <= *

Version 6.4

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.099

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/0e61a7432fcd4bca06f05b7f1c7d7cb461880fe2

https://git.kernel.org/stable/c/4f9c0a7c272626cb6716ffc7800e8c73260cdce6

https://git.kernel.org/stable/c/ff466f77d0a56719979c4234abd412abd98eae8f

https://git.kernel.org/stable/c/fc0e18f95c88435bd8a1ceb540243cd7fbcd9781

https://git.kernel.org/stable/c/08bd1be1c716fd50a7df48f82dcbc59a103082b5

https://git.kernel.org/stable/c/54ee23e4ab263a495ace1eed43d3883212ece17f

https://git.kernel.org/stable/c/d8f28269dd4bf9b55c3fb376ae31512730a96fce

https://nvd.nist.gov/vuln/detail/CVE-2023-54186

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-54186

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-54186

EUVD