PT-2025-53056 · Linux · Linux Kernel

Publicado

2023-05-08

Atualizado

2026-02-24

CVE-2023-54058

CVSS v2.0

4.6

Média

Vetor

AV:L/AC:L/Au:S/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.3.0-rc7

Description The Linux kernel contains a flaw within the arm ffa firmware component. Specifically, the code does not verify the presence of a removal callback function (ffa driver->remove()) before attempting to execute it during driver unregistration. This can lead to a NULL pointer dereference, potentially causing a kernel crash. The issue arises because the driver registration process does not mandate the presence of a .remove callback, and the code fails to check for it before calling it. This can result in an 'Unable to handle kernel NULL pointer dereference' error.

Recommendations Update to a version of the Linux kernel that includes the fix for this issue.

Exploit

Correção

Improper Resource Release

NULL Pointer Dereference

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-404CWE-476

Identificadores relacionados

BDU:2026-01248

CVE-2023-54058

SUSE-SU-2026:0263-1

SUSE-SU-2026:0317-1

SUSE-SU-2026:0411-1

SUSE-SU-2026:0617-1

Produtos afetados

Linux Kernel

PT-2025-53056 · Linux · Linux Kernel

CVE-2023-54058

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 979