CVE-2023-54159Linux vulnerability

7 documents6 sources
Severity
N/A
No vector
EPSS
0.0%
top 89.30%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 24

Description

In the Linux kernel, the following vulnerability has been resolved: usb: mtu3: fix kernel panic at qmu transfer done irq handler When handle qmu transfer irq, it will unlock @mtu->lock before give back request, if another thread handle disconnect event at the same time, and try to disable ep, it may lock @mtu->lock and free qmu ring, then qmu irq hanlder may get a NULL gpd, avoid the KE by checking gpd's value before handling it. e.g. qmu done irq on cpu0 thread running on cpu1 qmu_done_tx()

Affected Packages4 packages

Linuxlinux/linux_kernel5.2.05.4.243+5
Debianlinux/linux_kernel< 5.10.191-1+3
CVEListV5linux/linux48e0d3735aa557a8adaf94632ca3cf78798e850526ca30516b2c49dd04c134cbdf122311c538df98+7
debiandebian/linux< linux 6.1.37-1 (bookworm)

🔴Vulnerability Details

3
OSV
usb: mtu3: fix kernel panic at qmu transfer done irq handler2025-12-24
GHSA
GHSA-mgqh-xx5m-2h5f: In the Linux kernel, the following vulnerability has been resolved: usb: mtu3: fix kernel panic at qmu transfer done irq handler When handle qmu tra2025-12-24
OSV
CVE-2023-54159: In the Linux kernel, the following vulnerability has been resolved: usb: mtu3: fix kernel panic at qmu transfer done irq handler When handle qmu trans2025-12-24

📋Vendor Advisories

2
Red Hat
kernel: usb: mtu3: fix kernel panic at qmu transfer done irq handler2025-12-24
Debian
CVE-2023-54159: linux - In the Linux kernel, the following vulnerability has been resolved: usb: mtu3: ...2023

🕵️Threat Intelligence

1
Wiz
CVE-2023-54159 Impact, Exploitability, and Mitigation Steps | Wiz