CVE-2023-54299NULL Pointer Dereference in Linux

CWE-476NULL Pointer Dereference7 documents6 sources
Severity
5.5MEDIUM
No vector
EPSS
0.0%
top 89.30%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 30

Description

In the Linux kernel, the following vulnerability has been resolved: usb: typec: bus: verify partner exists in typec_altmode_attention Some usb hubs will negotiate DisplayPort Alt mode with the device but will then negotiate a data role swap after entering the alt mode. The data role swap causes the device to unregister all alt modes, however the usb hub will still send Attention messages even after failing to reregister the Alt Mode. type_altmode_attention currently does not verify whether or

Affected Packages4 packages

Linuxlinux/linux_kernel4.19.05.4.257+5
Debianlinux/linux_kernel< 5.10.197-1+3
CVEListV5linux/linux8a37d87d72f0c69f837229c04d2fcd7117ea57e75f71716772b88cbe0e1788f6a38d7871aff2120b+7
debiandebian/linux< linux 6.1.55-1 (bookworm)

🔴Vulnerability Details

3
OSV
CVE-2023-54299: In the Linux kernel, the following vulnerability has been resolved: usb: typec: bus: verify partner exists in typec_altmode_attention Some usb hubs wi2025-12-30
GHSA
GHSA-4784-9v76-jqjx: In the Linux kernel, the following vulnerability has been resolved: usb: typec: bus: verify partner exists in typec_altmode_attention Some usb hubs2025-12-30
OSV
usb: typec: bus: verify partner exists in typec_altmode_attention2025-12-30

📋Vendor Advisories

2
Red Hat
kernel: usb: typec: bus: verify partner exists in typec_altmode_attention2025-12-30
Debian
CVE-2023-54299: linux - In the Linux kernel, the following vulnerability has been resolved: usb: typec:...2023

🕵️Threat Intelligence

1
Wiz
CVE-2023-54299 Impact, Exploitability, and Mitigation Steps | Wiz