CVE-2023-54323Race Condition within a Thread in Linux

CWE-366Race Condition within a Thread7 documents6 sources
Severity
4.7MEDIUM
No vector
EPSS
0.0%
top 93.24%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 30

Description

In the Linux kernel, the following vulnerability has been resolved: cxl/pmem: Fix nvdimm registration races A loop of the form: while true; do modprobe cxl_pci; modprobe -r cxl_pci; done ...fails with the following crash signature: BUG: kernel NULL pointer dereference, address: 0000000000000040 [..] RIP: 0010:cxl_internal_send_cmd+0x5/0xb0 [cxl_core] [..] Call Trace: cxl_pmem_ctl+0x121/0x240 [cxl_pmem] nvdimm_get_config_data+0xd6/0x1a0 [libnvdimm] nd_label_data_init+0x135/0x7e0 [libnvdimm]

Affected Packages4 packages

Linuxlinux/linux_kernel5.14.06.1.16+1
Debianlinux/linux_kernel< 6.1.20-1+2
CVEListV5linux/linux21083f51521fb0f60dbac591f175c3ed48435af4a371788d4f4a7f59eecd22644331d599979fd283+3
debiandebian/linux< linux 6.1.20-1 (bookworm)

🔴Vulnerability Details

3
OSV
CVE-2023-54323: In the Linux kernel, the following vulnerability has been resolved: cxl/pmem: Fix nvdimm registration races A loop of the form: while true; do modprob2025-12-30
GHSA
GHSA-9rp2-rcxm-vpww: In the Linux kernel, the following vulnerability has been resolved: cxl/pmem: Fix nvdimm registration races A loop of the form: while true; do modp2025-12-30
OSV
cxl/pmem: Fix nvdimm registration races2025-12-30

📋Vendor Advisories

2
Red Hat
kernel: cxl/pmem: Fix nvdimm registration races2025-12-30
Debian
CVE-2023-54323: linux - In the Linux kernel, the following vulnerability has been resolved: cxl/pmem: F...2023

🕵️Threat Intelligence

1
Wiz
CVE-2023-54323 Impact, Exploitability, and Mitigation Steps | Wiz