-
CVE-2023-54234
- EPSS 0.02%
- Veröffentlicht 30.12.2025 12:11:25
- Zuletzt bearbeitet 31.12.2025 20:42:43
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
In the Linux kernel, the following vulnerability has been resolved:
scsi: mpi3mr: Fix missing mrioc->evtack_cmds initialization
Commit c1af985d27da ("scsi: mpi3mr: Add Event acknowledgment logic")
introduced an array mrioc->evtack_cmds but initialization of the array
elements was missed. They are just zero cleared. The function
mpi3mr_complete_evt_ack() refers host_tag field of the elements. Due to the
zero value of the host_tag field, the function calls clear_bit() for
mrico->evtack_cmds_bitmap with wrong bit index. This results in memory
access to invalid address and "BUG: KASAN: use-after-free". This BUG was
observed at eHBA-9600 firmware update to version 8.3.1.0. To fix it, add
the missing initialization of mrioc->evtack_cmds.Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
LoginDaten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
≫
Produkt
Linux
Default Statusunaffected
Version <
4e0dfdb48a824deac3dfbc67fb856ef2aee13529
Version
c1af985d27da2d530c22604644e9025810f57d7c
Status
affected
Version <
67989091e11a974003ddf2ec39bc613df8eadd83
Version
c1af985d27da2d530c22604644e9025810f57d7c
Status
affected
Version <
e39ea831ebad4ab15c4748cb62a397a8abcca36e
Version
c1af985d27da2d530c22604644e9025810f57d7c
Status
affected
HerstellerLinux
≫
Produkt
Linux
Default Statusaffected
Version
5.17
Status
affected
Version <
5.17
Version
0
Status
unaffected
Version <=
6.1.*
Version
6.1.16
Status
unaffected
Version <=
6.2.*
Version
6.2.3
Status
unaffected
Version <=
*
Version
6.3
Status
unaffected
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.02% | 0.057 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|