CVE-2023-54027Linux vulnerability

7 documents6 sources
Severity
N/A
No vector
EPSS
0.0%
top 93.24%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 24

Description

In the Linux kernel, the following vulnerability has been resolved: iio: core: Prevent invalid memory access when there is no parent Commit 813665564b3d ("iio: core: Convert to use firmware node handle instead of OF node") switched the kind of nodes to use for label retrieval in device registration. Probably an unwanted change in that commit was that if the device has no parent then NULL pointer is accessed. This is what happens in the stock IIO dummy driver when a new entry is created in conf

Affected Packages4 packages

Linuxlinux/linux_kernel5.19.06.1.46+1
Debianlinux/linux_kernel< 6.1.52-1+2
CVEListV5linux/linux813665564b3d7c74412fe2877520f1d254ce948a312f04ede209f0a186799fe8e64a19b49700d5dc+3
debiandebian/linux< linux 6.1.52-1 (bookworm)

🔴Vulnerability Details

3
OSV
CVE-2023-54027: In the Linux kernel, the following vulnerability has been resolved: iio: core: Prevent invalid memory access when there is no parent Commit 813665564b2025-12-24
GHSA
GHSA-jwx3-9wmp-w467: In the Linux kernel, the following vulnerability has been resolved: iio: core: Prevent invalid memory access when there is no parent Commit 813665562025-12-24
OSV
iio: core: Prevent invalid memory access when there is no parent2025-12-24

📋Vendor Advisories

2
Red Hat
kernel: iio: core: Prevent invalid memory access when there is no parent2025-12-24
Debian
CVE-2023-54027: linux - In the Linux kernel, the following vulnerability has been resolved: iio: core: ...2023

🕵️Threat Intelligence

1
Wiz
CVE-2023-54027 Impact, Exploitability, and Mitigation Steps | Wiz