CVE-2023-54249 — Linux vulnerability

7 documents6 sources

Severity

5.3MEDIUM

No vector

EPSS

0.0%

top 93.24%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedDec 30

Description

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: ep: Only send -ENOTCONN status if client driver is available For the STOP and RESET commands, only send the channel disconnect status -ENOTCONN if client driver is available. Otherwise, it will result in null pointer dereference.

Affected Packages4 packages

▶Linuxlinux/linux_kernel5.19.0 — 6.1.16+1

▶Debianlinux/linux_kernel< 6.1.20-1+2

▶CVEListV5linux/linuxe827569062a804c67b51930ce83a4cb886113cb7 — 353aea15d6edbd4e69e039356a1bd3e641f7d952+3

▶debiandebian/linux< linux 6.1.20-1 (bookworm)

🔴Vulnerability Details

GHSA

GHSA-6wgg-jc7h-xjpr: In the Linux kernel, the following vulnerability has been resolved: bus: mhi: ep: Only send -ENOTCONN status if client driver is available For the S↗2025-12-30

▶

OSV

CVE-2023-54249: In the Linux kernel, the following vulnerability has been resolved: bus: mhi: ep: Only send -ENOTCONN status if client driver is available For the STO↗2025-12-30

▶

OSV

bus: mhi: ep: Only send -ENOTCONN status if client driver is available↗2025-12-30

▶

📋Vendor Advisories

Red Hat

kernel: bus: mhi: ep: Only send -ENOTCONN status if client driver is available↗2025-12-30

▶

Debian

CVE-2023-54249: linux - In the Linux kernel, the following vulnerability has been resolved: bus: mhi: e...↗2023

▶

🕵️Threat Intelligence

Wiz

CVE-2023-54249 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶