-

CVE-2023-54299

EPSS 0.05%
Veröffentlicht 30.12.2025 12:23:35
Zuletzt bearbeitet 15.04.2026 00:35:42
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

usb: typec: bus: verify partner exists in typec_altmode_attention

In the Linux kernel, the following vulnerability has been resolved:

usb: typec: bus: verify partner exists in typec_altmode_attention

Some usb hubs will negotiate DisplayPort Alt mode with the device
but will then negotiate a data role swap after entering the alt
mode. The data role swap causes the device to unregister all alt
modes, however the usb hub will still send Attention messages
even after failing to reregister the Alt Mode. type_altmode_attention
currently does not verify whether or not a device's altmode partner
exists, which results in a NULL pointer error when dereferencing
the typec_altmode and typec_altmode_ops belonging to the altmode
partner.

Verify the presence of a device's altmode partner before sending
the Attention message to the Alt Mode driver.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 10

CNA 2 VulnDex Vulnerability Enrichment 8

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version 8a37d87d72f0c69f837229c04d2fcd7117ea57e7

Version < 5f71716772b88cbe0e1788f6a38d7871aff2120b

Status affected

Version 8a37d87d72f0c69f837229c04d2fcd7117ea57e7

Version < 38e1f2ee82bacbbfded8f1c06794a443d038d054

Status affected

Version 8a37d87d72f0c69f837229c04d2fcd7117ea57e7

Version < 0ad6bad31da692f8d7acacab07eabe7586239ae0

Status affected

Version 8a37d87d72f0c69f837229c04d2fcd7117ea57e7

Version < 0d3b5fe47938e9c451466845304a2bd74e967a80

Status affected

Version 8a37d87d72f0c69f837229c04d2fcd7117ea57e7

Version < d49547950bf7f3480d6ca05fe055978e5f0d9e5b

Status affected

Version 8a37d87d72f0c69f837229c04d2fcd7117ea57e7

Version < 1101867a1711c27d8bbe0e83136bec47f8c1ca2a

Status affected

Version 8a37d87d72f0c69f837229c04d2fcd7117ea57e7

Version < f23643306430f86e2f413ee2b986e0773e79da31

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 4.19

Status affected

Version 0

Version < 4.19

Status unaffected

Version <= 5.4.*

Version 5.4.257

Status unaffected

Version <= 5.10.*

Version 5.10.195

Status unaffected

Version <= 5.15.*

Version 5.15.132

Status unaffected

Version <= 6.1.*

Version 6.1.53

Status unaffected

Version <= 6.4.*

Version 6.4.16

Status unaffected

Version <= 6.5.*

Version 6.5.3

Status unaffected

Version <= *

Version 6.6

Status unaffected

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.05%	0.144

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/5f71716772b88cbe0e1788f6a38d7871aff2120b

https://git.kernel.org/stable/c/38e1f2ee82bacbbfded8f1c06794a443d038d054

https://git.kernel.org/stable/c/0ad6bad31da692f8d7acacab07eabe7586239ae0

https://git.kernel.org/stable/c/0d3b5fe47938e9c451466845304a2bd74e967a80

https://git.kernel.org/stable/c/d49547950bf7f3480d6ca05fe055978e5f0d9e5b

https://git.kernel.org/stable/c/1101867a1711c27d8bbe0e83136bec47f8c1ca2a

https://git.kernel.org/stable/c/f23643306430f86e2f413ee2b986e0773e79da31

https://nvd.nist.gov/vuln/detail/CVE-2023-54299

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-54299

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-54299

EUVD