CVE-2023-54244 — Race Condition within a Thread in Linux

CWE-366 — Race Condition within a Thread7 documents6 sources

Severity

4.7MEDIUM

No vector

EPSS

0.0%

top 89.30%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedDec 30

Description

In the Linux kernel, the following vulnerability has been resolved: ACPI: EC: Fix oops when removing custom query handlers When removing custom query handlers, the handler might still be used inside the EC query workqueue, causing a kernel oops if the module holding the callback function was already unloaded. Fix this by flushing the EC query workqueue when removing custom query handlers. Tested on a Acer Travelmate 4002WLMi

Affected Packages4 packages

▶Linuxlinux/linux_kernel2.6.33 — 4.14.316+6

▶Debianlinux/linux_kernel< 5.10.191-1+3

▶CVEListV5linux/linuxa62e8f1978f49e52f87a711ff6711b323d4b12ff — 130e3eac51912f2c866e7d035992ede25f8feac0+9

▶debiandebian/linux< linux 6.1.37-1 (bookworm)

🔴Vulnerability Details

GHSA

GHSA-97qr-rh7x-rfq4: In the Linux kernel, the following vulnerability has been resolved: ACPI: EC: Fix oops when removing custom query handlers When removing custom quer↗2025-12-30

▶

OSV

ACPI: EC: Fix oops when removing custom query handlers↗2025-12-30

▶

OSV

CVE-2023-54244: In the Linux kernel, the following vulnerability has been resolved: ACPI: EC: Fix oops when removing custom query handlers When removing custom query↗2025-12-30

▶

📋Vendor Advisories

Red Hat

kernel: ACPI: EC: Fix oops when removing custom query handlers↗2025-12-30

▶

Debian

CVE-2023-54244: linux - In the Linux kernel, the following vulnerability has been resolved: ACPI: EC: F...↗2023

▶

🕵️Threat Intelligence

Wiz

CVE-2023-54244 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶