CVE-2023-54271 — NULL Pointer Dereference in Linux

CWE-476 — NULL Pointer Dereference7 documents6 sources

Severity

5.5MEDIUM

No vector

EPSS

0.0%

top 93.24%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedDec 30

Description

In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Fix NULL deref caused by blkg_policy_data being installed before init blk-iocost sometimes causes the following crash: BUG: kernel NULL pointer dereference, address: 00000000000000e0 ... RIP: 0010:_raw_spin_lock+0x17/0x30 Code: be 01 02 00 00 e8 79 38 39 ff 31 d2 89 d0 5d c3 0f 1f 00 0f 1f 44 00 00 55 48 89 e5 65 ff 05 48 d0 34 7e b9 01 00 00 00 31 c0 0f b1 0f 75 02 5d c3 89 c6 e8 ea 04 00 00 5d c3 0f 1f 84 00 00 …

Affected Packages4 packages

▶Linuxlinux/linux_kernel5.4.0 — 6.4.16+1

▶Debianlinux/linux_kernel< 6.5.3-1+1

▶CVEListV5linux/linux9d179b865449b351ad5cb76dbea480c9170d4a27 — e39ef7880d1057b2ebcdb013405f4d84a257db23+3

▶debiandebian/linux< linux 6.5.3-1 (forky)

🔴Vulnerability Details

OSV

blk-cgroup: Fix NULL deref caused by blkg_policy_data being installed before init↗2025-12-30

▶

GHSA

GHSA-jw53-vfm2-vf66: In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Fix NULL deref caused by blkg_policy_data being installed before init↗2025-12-30

▶

OSV

CVE-2023-54271: In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Fix NULL deref caused by blkg_policy_data being installed before init↗2025-12-30

▶

📋Vendor Advisories

Red Hat

kernel: Linux kernel: Denial of Service via NULL pointer dereference in blk-cgroup↗2025-12-30

▶

Debian

CVE-2023-54271: linux - In the Linux kernel, the following vulnerability has been resolved: blk-cgroup:...↗2023

▶

🕵️Threat Intelligence

Wiz

CVE-2023-54271 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶