CVE-2023-54234
- Source
- https://cve.org/CVERecord?id=CVE-2023-54234
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-54234.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2023-54234
- Downstream
- Published
- 2025-12-30T12:11:25.021Z
- Modified
- 2025-12-30T20:24:34.638458Z
- Summary
- scsi: mpi3mr: Fix missing mrioc->evtack_cmds initialization
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
scsi: mpi3mr: Fix missing mrioc->evtack_cmds initialization
Commit c1af985d27da ("scsi: mpi3mr: Add Event acknowledgment logic") introduced an array mrioc->evtackcmds but initialization of the array elements was missed. They are just zero cleared. The function mpi3mrcompleteevtack() refers hosttag field of the elements. Due to the zero value of the hosttag field, the function calls clearbit() for mrico->evtackcmdsbitmap with wrong bit index. This results in memory access to invalid address and "BUG: KASAN: use-after-free". This BUG was observed at eHBA-9600 firmware update to version 8.3.1.0. To fix it, add the missing initialization of mrioc->evtackcmds.
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/54xxx/CVE-2023-54234.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/4e0dfdb48a824deac3dfbc67fb856ef2aee13529
- https://git.kernel.org/stable/c/67989091e11a974003ddf2ec39bc613df8eadd83
- https://git.kernel.org/stable/c/e39ea831ebad4ab15c4748cb62a397a8abcca36e
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/54xxx/CVE-2023-54234.json
- https://nvd.nist.gov/vuln/detail/CVE-2023-54234
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedc1af985d27da2d530c22604644e9025810f57d7cFixed4e0dfdb48a824deac3dfbc67fb856ef2aee13529Fixed67989091e11a974003ddf2ec39bc613df8eadd83Fixede39ea831ebad4ab15c4748cb62a397a8abcca36e
Affected versions
v5.*
v5.16
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.18
v5.18-rc1
v5.18-rc2
v5.18-rc3
v5.18-rc4
v5.18-rc5
v5.18-rc6
v5.18-rc7
v5.19
v5.19-rc1
v5.19-rc2
v5.19-rc3
v5.19-rc4
v5.19-rc5
v5.19-rc6
v5.19-rc7
v5.19-rc8
v6.*
v6.0
v6.0-rc1
v6.0-rc2
v6.0-rc3
v6.0-rc4
v6.0-rc5
v6.0-rc6
v6.0-rc7
v6.1
v6.1-rc1
v6.1-rc2
v6.1-rc3
v6.1-rc4
v6.1-rc5
v6.1-rc6
v6.1-rc7
v6.1-rc8
v6.1.1
v6.1.10
v6.1.11
v6.1.12
v6.1.13
v6.1.14
v6.1.15
v6.1.2
v6.1.3
v6.1.4
v6.1.5
v6.1.6
v6.1.7
v6.1.8
v6.1.9
v6.2
v6.2-rc1
v6.2-rc2
v6.2-rc3
v6.2-rc4
v6.2-rc5
v6.2-rc6
v6.2-rc7
v6.2-rc8
v6.2.1
v6.2.2