CVE-2023-54235Race Condition within a Thread in Linux

CWE-366Race Condition within a Thread7 documents6 sources
Severity
3.3LOW
No vector
EPSS
0.0%
top 92.73%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 30

Description

In the Linux kernel, the following vulnerability has been resolved: PCI/DOE: Fix destroy_work_on_stack() race The following debug object splat was observed in testing: ODEBUG: free active (active state 0) object: 0000000097d23782 object type: work_struct hint: doe_statemachine_work+0x0/0x510 WARNING: CPU: 1 PID: 71 at lib/debugobjects.c:514 debug_print_object+0x7d/0xb0 ... Workqueue: pci 0000:36:00.0 DOE [1 doe_statemachine_work RIP: 0010:debug_print_object+0x7d/0xb0 ... Call Trace: ? debug_p

Affected Packages4 packages

Linuxlinux/linux_kernel6.2.06.4.16+2
Debianlinux/linux_kernel< 6.1.55-1+2
CVEListV5linux/linux2a0e0f4773fe8032fb17e56f897bee32ce3cdc2bd96799ee3b78962c80e4b6653734f488f999ca09+5
debiandebian/linux< linux 6.1.55-1 (bookworm)

🔴Vulnerability Details

3
GHSA
GHSA-68j8-v58c-g6h7: In the Linux kernel, the following vulnerability has been resolved: PCI/DOE: Fix destroy_work_on_stack() race The following debug object splat was o2025-12-30
OSV
PCI/DOE: Fix destroy_work_on_stack() race2025-12-30
OSV
CVE-2023-54235: In the Linux kernel, the following vulnerability has been resolved: PCI/DOE: Fix destroy_work_on_stack() race The following debug object splat was obs2025-12-30

📋Vendor Advisories

2
Red Hat
kernel: PCI/DOE: Fix destroy_work_on_stack() race2025-12-30
Debian
CVE-2023-54235: linux - In the Linux kernel, the following vulnerability has been resolved: PCI/DOE: Fi...2023

🕵️Threat Intelligence

1
Wiz
CVE-2023-54235 Impact, Exploitability, and Mitigation Steps | Wiz