CVE-2023-54225

EPSS 0.02%
Veröffentlicht 30.12.2025 12:11:18
Zuletzt bearbeitet 31.12.2025 20:42:43
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

net: ipa: only reset hashed tables when supported

Last year, the code that manages GSI channel transactions switched
from using spinlock-protected linked lists to using indexes into the
ring buffer used for a channel.  Recently, Google reported seeing
transaction reference count underflows occasionally during shutdown.

Doug Anderson found a way to reproduce the issue reliably, and
bisected the issue to the commit that eliminated the linked lists
and the lock.  The root cause was ultimately determined to be
related to unused transactions being committed as part of the modem
shutdown cleanup activity.  Unused transactions are not normally
expected (except in error cases).

The modem uses some ranges of IPA-resident memory, and whenever it
shuts down we zero those ranges.  In ipa_filter_reset_table() a
transaction is allocated to zero modem filter table entries.  If
hashing is not supported, hashed table memory should not be zeroed.
But currently nothing prevents that, and the result is an unused
transaction.  Something similar occurs when we zero routing table
entries for the modem.

By preventing any attempt to clear hashed tables when hashing is not
supported, the reference count underflow is avoided in this case.

Note that there likely remains an issue with properly freeing unused
transactions (if they occur due to errors).  This patch addresses
only the underflows that Google originally reported.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 6

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 50c24f0c940728792c8bdf65c1eaf6b91b3b0dcd

Version d338ae28d8a866c57fcac38f3d77bcc1d1702d19

Status affected

Version < c00af3a818cc573e10100cc6770f0e47befa1fa4

Version d338ae28d8a866c57fcac38f3d77bcc1d1702d19

Status affected

Version < e11ec2b868af2b351c6c1e2e50eb711cc5423a10

Version d338ae28d8a866c57fcac38f3d77bcc1d1702d19

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 6.1

Status affected

Version < 6.1

Version 0

Status unaffected

Version <= 6.1.*

Version 6.1.45

Status unaffected

Version <= 6.4.*

Version 6.4.8

Status unaffected

Version <= *

Version 6.5

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.057

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/50c24f0c940728792c8bdf65c1eaf6b91b3b0dcd

https://git.kernel.org/stable/c/c00af3a818cc573e10100cc6770f0e47befa1fa4

https://git.kernel.org/stable/c/e11ec2b868af2b351c6c1e2e50eb711cc5423a10

https://nvd.nist.gov/vuln/detail/CVE-2023-54225

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-54225

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-54225

EUVD