CVE-2023-54043Use of Multiple Resources with Duplicate Identifier in Linux

CWE-694Use of Multiple Resources with Duplicate Identifier7 documents6 sources
Severity
5.5MEDIUM
No vector
EPSS
0.0%
top 92.35%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 24

Description

In the Linux kernel, the following vulnerability has been resolved: iommufd: Do not add the same hwpt to the ioas->hwpt_list twice The hwpt is added to the hwpt_list only during its creation, it is never added again. This hunk is some missed leftover from rework. Adding it twice will corrupt the linked list in some cases. It effects HWPT specific attachment, which is something the test suite cannot cover until we can create a legitimate struct device with a non-system iommu "driver" (ie we ne

Affected Packages3 packages

Linuxlinux/linux_kernel6.2.06.2.3
CVEListV5linux/linuxe8d57210035b6377d424ba964961892d01127cf6c44adefdcf472f946f0632f4e0ddcbf3e00b8516+2
debiandebian/linux

🔴Vulnerability Details

3
OSV
CVE-2023-54043: In the Linux kernel, the following vulnerability has been resolved: iommufd: Do not add the same hwpt to the ioas->hwpt_list twice The hwpt is added t2025-12-24
OSV
iommufd: Do not add the same hwpt to the ioas->hwpt_list twice2025-12-24
GHSA
GHSA-hwvv-764m-j5cv: In the Linux kernel, the following vulnerability has been resolved: iommufd: Do not add the same hwpt to the ioas->hwpt_list twice The hwpt is added2025-12-24

📋Vendor Advisories

2
Red Hat
kernel: iommufd: Do not add the same hwpt to the ioas->hwpt_list twice2025-12-24
Debian
CVE-2023-54043: linux - In the Linux kernel, the following vulnerability has been resolved: iommufd: Do...2023

🕵️Threat Intelligence

1
Wiz
CVE-2023-54043 Impact, Exploitability, and Mitigation Steps | Wiz