DEBIAN-CVE-2023-54026
- Source
- https://security-tracker.debian.org/tracker/CVE-2023-54026
- Import Source
- https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2023-54026.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2023-54026
- Upstream
- Published
- 2025-12-24T11:15:55.610Z
- Modified
- 2025-12-25T11:19:36.164210Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved: opp: Fix use-after-free in lazyopptables after probe deferral When devpmoppoffindiccpaths() in allocateopptable() returns -EPROBEDEFER, the opptable is freed again, to wait until all the interconnect paths are available. However, if the OPP table is using required-opps then it may already have been added to the global lazyopptables list. The error path does not remove the opptable from the list again. This can cause crashes later when the provider of the required-opps is added, since we will iterate over OPP tables that have already been freed. E.g.: Unable to handle kernel NULL pointer dereference when read CPU: 0 PID: 7 Comm: kworker/0:0 Not tainted 6.4.0-rc3 PC is at ofaddopptablev2 (include/linux/of.h:949 drivers/opp/of.c:98 drivers/opp/of.c:344 drivers/opp/of.c:404 drivers/opp/of.c:1032) -> lazylinkrequiredopptable() Fix this by calling _ofclearopptable() to remove the opptable from the list and clear other allocated resources. While at it, also add the missing mutexdestroy() calls in the error path.
- References
Affected packages
Debian:12 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed6.1.52-1
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:14 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source