CVE-2023-54108Release of Invalid Pointer or Reference in Linux

CWE-763Release of Invalid Pointer or Reference7 documents6 sources
Severity
2.5LOW
No vector
EPSS
0.0%
top 89.30%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 24

Description

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix DMA-API call trace on NVMe LS requests The following message and call trace was seen with debug kernels: DMA-API: qla2xxx 0000:41:00.0: device driver failed to check map error [device address=0x00000002a3ff38d8] [size=1024 bytes] [mapped as single] WARNING: CPU: 0 PID: 2930 at kernel/dma/debug.c:1017 check_unmap+0xf42/0x1990 Call Trace: debug_dma_unmap_page+0xc9/0x100 qla_nvme_ls_unmap+0x141/0x210 [qla2xxx

Affected Packages4 packages

Linuxlinux/linux_kernel5.5.05.10.173+4
Debianlinux/linux_kernel< 5.10.178-1+3
CVEListV5linux/linux2d087c7e55db420107c3ea97b228e067a7b488a13a564de3a299856f2cbd289649cea2e20d671a43+8
debiandebian/linux< linux 6.1.20-1 (bookworm)

🔴Vulnerability Details

3
GHSA
GHSA-w45h-m4r8-m765: In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix DMA-API call trace on NVMe LS requests The following message2025-12-24
OSV
scsi: qla2xxx: Fix DMA-API call trace on NVMe LS requests2025-12-24
OSV
CVE-2023-54108: In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix DMA-API call trace on NVMe LS requests The following message an2025-12-24

📋Vendor Advisories

2
Red Hat
kernel: scsi: qla2xxx: Fix DMA-API call trace on NVMe LS requests2025-12-24
Debian
CVE-2023-54108: linux - In the Linux kernel, the following vulnerability has been resolved: scsi: qla2x...2023

🕵️Threat Intelligence

1
Wiz
CVE-2023-54108 Impact, Exploitability, and Mitigation Steps | Wiz