CVE-2023-54310

In the Linux kernel, the following vulnerability has been resolved:

scsi: message: mptlan: Fix use after free bug in mptlan_remove() due to race condition

mptlan_probe() calls mpt_register_lan_device() which initializes the
&priv->post_buckets_task workqueue. A call to
mpt_lan_wake_post_buckets_task() will subsequently start the work.

During driver unload in mptlan_remove() the following race may occur:

CPU0                  CPU1

                    |mpt_lan_post_receive_buckets_work()
mptlan_remove()     |
  free_netdev()     |
    kfree(dev);     |
                    |
                    | dev->mtu
                    |   //use

Fix this by finishing the work prior to cleaning up in mptlan_remove().

[mkp: we really should remove mptlan instead of attempting to fix it]
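
The teardown ordering the fix describes, as an added userspace model (not the mptlan driver's code and not part of this advisory): a pthread stands in for the post_buckets_task work, and remove waits for it to finish before freeing the device. All model_* names and the MTU value are hypothetical.

```c
/* Constructed userspace model; every name here is a hypothetical stand-in. */
#include <pthread.h>
#include <stdatomic.h>
#include <stdlib.h>

struct model_netdev { int mtu; };     /* stands in for struct net_device */
struct model_priv {
    struct model_netdev *dev;         /* freed during remove */
    pthread_t task;                   /* stands in for post_buckets_task */
    atomic_int stop;                  /* tells the work to finish */
    atomic_long uses;                 /* number of dev->mtu reads so far */
};

/* The work: keeps dereferencing dev, as the CPU1 column of the diagram does. */
static void *model_post_buckets_work(void *arg)
{
    struct model_priv *p = arg;
    while (!atomic_load(&p->stop)) {
        if (p->dev->mtu > 0)
            atomic_fetch_add(&p->uses, 1);
    }
    return NULL;
}

/* Probe: allocate the device and start the work. Returns 0 on success. */
int model_probe(struct model_priv *p)
{
    p->dev = malloc(sizeof(*p->dev));
    if (!p->dev) return -1;
    p->dev->mtu = 1500;
    atomic_init(&p->stop, 0);
    atomic_init(&p->uses, 0);
    if (pthread_create(&p->task, NULL, model_post_buckets_work, p) == 0)
        return 0;
    free(p->dev);
    p->dev = NULL;
    return -1;
}

/* Remove in the fixed order; returns the use count seen at the free. */
long model_remove(struct model_priv *p)
{
    atomic_store(&p->stop, 1);
    pthread_join(p->task, NULL);      /* work has finished: no read can follow */
    long uses_at_free = atomic_load(&p->uses);
    free(p->dev);                     /* safe only because of the join above */
    p->dev = NULL;
    return uses_at_free;
}
```

If the use count could still grow after model_remove() returns, the work would be reading freed memory, which is the race in the diagram above.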

Data is provided by the CVE Program from a CVE Numbering Authority (CNA) (unstructured).

Vendor: Linux
Product: Linux
Default status: unaffected

Version (from commit)                      Less than (commit)                         Status
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2   92f869693d84e813895ff4d25363744575515423   affected
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2   60c8645ad6f5b722615383d595d63b62b07a13c3   affected
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2   410e610a96c52a7b41e2ab6c9ca60868d9acecce   affected
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2   697f92f8317e538d8409a0c95d6370eb40b34c05   affected
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2   e84282efc87f2414839f6e15c31b4daa34ebaac1   affected
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2   9c6da3b7f12528cd52c458b33496a098b838fcfc   affected
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2   48daa4a3015d859ee424948844ce3c12f2fe44e6   affected
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2   f486893288f3e9b171b836f43853a6426515d800   affected

Vendor: Linux
Product: Linux
Default status: affected

Version     Range bound   Status
2.6.12                    affected
0           < 2.6.12      unaffected
4.14.316    <= 4.14.*     unaffected
4.19.284    <= 4.19.*     unaffected
5.4.244     <= 5.4.*      unaffected
5.10.181    <= 5.10.*     unaffected
5.15.113    <= 5.15.*     unaffected
6.1.30      <= 6.1.*      unaffected
6.3.4       <= 6.3.*      unaffected
6.4         <= *          unaffected

No CISA KEV or CERT.AT warning was found for this CVE.

EPSS metrics

Type   Source      Score   Percentile
EPSS   FIRST.org   0.04%   0.099

CVSS metrics

Source   Base Score   Exploit Score   Impact Score   Vector String

No information on CWE has been published yet.