CVE-2023-54026Expired Pointer Dereference in Linux

CWE-825Expired Pointer Dereference7 documents6 sources
Severity
4.7MEDIUM
No vector
EPSS
0.0%
top 92.73%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 24

Description

In the Linux kernel, the following vulnerability has been resolved: opp: Fix use-after-free in lazy_opp_tables after probe deferral When dev_pm_opp_of_find_icc_paths() in _allocate_opp_table() returns -EPROBE_DEFER, the opp_table is freed again, to wait until all the interconnect paths are available. However, if the OPP table is using required-opps then it may already have been added to the global lazy_opp_tables list. The error path does not remove the opp_table from the list again. This ca

Affected Packages4 packages

Linuxlinux/linux_kernel5.12.05.15.121+2
Debianlinux/linux_kernel< 6.1.52-1+2
CVEListV5linux/linux7eba0c7641b0009818e469dbfcdd87a0155ab9d439a0e723d3502f6dc4c603f57ebe8dc7bcc4a4bc+4
debiandebian/linux< linux 6.1.52-1 (bookworm)

🔴Vulnerability Details

3
OSV
CVE-2023-54026: In the Linux kernel, the following vulnerability has been resolved: opp: Fix use-after-free in lazy_opp_tables after probe deferral When dev_pm_opp_of2025-12-24
OSV
opp: Fix use-after-free in lazy_opp_tables after probe deferral2025-12-24
GHSA
GHSA-m34w-8vx7-2jww: In the Linux kernel, the following vulnerability has been resolved: opp: Fix use-after-free in lazy_opp_tables after probe deferral When dev_pm_opp_2025-12-24

📋Vendor Advisories

2
Red Hat
kernel: opp: Fix use-after-free in lazy_opp_tables after probe deferral2025-12-24
Debian
CVE-2023-54026: linux - In the Linux kernel, the following vulnerability has been resolved: opp: Fix us...2023

🕵️Threat Intelligence

1
Wiz
CVE-2023-54026 Impact, Exploitability, and Mitigation Steps | Wiz