CVE-2023-53854Linux vulnerability

7 documents6 sources
Severity
N/A
No vector
EPSS
0.0%
top 90.90%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 9

Description

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8186: Fix use-after-free in driver remove path When devm runs function in the "remove" path for a device it runs them in the reverse order. That means that if you have parts of your driver that aren't using devm or are using "roll your own" devm w/ devm_add_action_or_reset() you need to keep that in mind. The mt8186 audio driver didn't quite get this right. Specifically, in mt8186_init_clock() it called mt81

Affected Packages4 packages

Linuxlinux/linux_kernel6.0.06.1.30+1
Debianlinux/linux_kernel< 6.1.37-1+2
CVEListV5linux/linux55b423d5623ccd6785429431c2cf5f3e073b73ba3e56a1c04882852e3e7d6c59756a16211ebbc457+3
debiandebian/linux< linux 6.1.37-1 (bookworm)

🔴Vulnerability Details

3
GHSA
GHSA-8mp2-mjh9-w6fj: In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8186: Fix use-after-free in driver remove path When devm runs2025-12-09
OSV
CVE-2023-53854: In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8186: Fix use-after-free in driver remove path When devm runs fu2025-12-09
OSV
ASoC: mediatek: mt8186: Fix use-after-free in driver remove path2025-12-09

📋Vendor Advisories

2
Red Hat
kernel: ASoC: mediatek: mt8186: Fix use-after-free in driver remove path2025-12-09
Debian
CVE-2023-53854: linux - In the Linux kernel, the following vulnerability has been resolved: ASoC: media...2023

🕵️Threat Intelligence

1
Wiz
CVE-2023-53854 Impact, Exploitability, and Mitigation Steps | Wiz