CVE-2023-54204Linux vulnerability

7 documents6 sources
Severity
N/A
No vector
EPSS
0.0%
top 92.35%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 30

Description

In the Linux kernel, the following vulnerability has been resolved: mmc: sunplus: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, 1. the memory allocated in mmc_alloc_host() will be leaked 2. null-ptr-deref will happen when calling mmc_remove_host() in remove function spmmc_drv_remove() because deleting not added device. Fix this by checking the return value of mmc_add_host(). Moreover, I fixed the error handling path of spmmc_drv_probe

Affected Packages4 packages

Linuxlinux/linux_kernel6.2.06.4.12
Debianlinux/linux_kernel< 6.4.13-1+1
CVEListV5linux/linux4e268fed8b1861616af28f9cfb4eed8ca5d7af6c741a951f41929f39cae70c66d86d0754d3129d0a+2
debiandebian/linux< linux 6.4.13-1 (forky)

🔴Vulnerability Details

3
GHSA
GHSA-f722-q47q-2685: In the Linux kernel, the following vulnerability has been resolved: mmc: sunplus: fix return value check of mmc_add_host() mmc_add_host() may return2025-12-30
OSV
CVE-2023-54204: In the Linux kernel, the following vulnerability has been resolved: mmc: sunplus: fix return value check of mmc_add_host() mmc_add_host() may return e2025-12-30
OSV
mmc: sunplus: fix return value check of mmc_add_host()2025-12-30

📋Vendor Advisories

2
Red Hat
kernel: mmc: sunplus: fix return value check of mmc_add_host()2025-12-30
Debian
CVE-2023-54204: linux - In the Linux kernel, the following vulnerability has been resolved: mmc: sunplu...2023

🕵️Threat Intelligence

1
Wiz
CVE-2023-54204 Impact, Exploitability, and Mitigation Steps | Wiz