CVE-2023-54310Signal Handler Race Condition in Linux

CWE-364Signal Handler Race Condition7 documents6 sources
Severity
5.5MEDIUM
No vector
EPSS
0.0%
top 89.30%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 30

Description

In the Linux kernel, the following vulnerability has been resolved: scsi: message: mptlan: Fix use after free bug in mptlan_remove() due to race condition mptlan_probe() calls mpt_register_lan_device() which initializes the &priv->post_buckets_task workqueue. A call to mpt_lan_wake_post_buckets_task() will subsequently start the work. During driver unload in mptlan_remove() the following race may occur: CPU0 CPU1 |mpt_lan_post_receive_buckets_work() mptlan_remove() | free_netdev() | kfree(d

Affected Packages4 packages

Linuxlinux/linux_kernel2.6.124.14.316+6
Debianlinux/linux_kernel< 5.10.191-1+3
CVEListV5linux/linux1da177e4c3f41524e886b7f1b8a0c1fc7321cac292f869693d84e813895ff4d25363744575515423+8
debiandebian/linux< linux 6.1.37-1 (bookworm)

🔴Vulnerability Details

3
OSV
scsi: message: mptlan: Fix use after free bug in mptlan_remove() due to race condition2025-12-30
OSV
CVE-2023-54310: In the Linux kernel, the following vulnerability has been resolved: scsi: message: mptlan: Fix use after free bug in mptlan_remove() due to race condi2025-12-30
GHSA
GHSA-52c3-vccj-p4f5: In the Linux kernel, the following vulnerability has been resolved: scsi: message: mptlan: Fix use after free bug in mptlan_remove() due to race cond2025-12-30

📋Vendor Advisories

2
Red Hat
kernel: scsi: message: mptlan: Fix use after free bug in mptlan_remove() due to race condition2025-12-30
Debian
CVE-2023-54310: linux - In the Linux kernel, the following vulnerability has been resolved: scsi: messa...2023

🕵️Threat Intelligence

1
Wiz
CVE-2023-54310 Impact, Exploitability, and Mitigation Steps | Wiz