CVE-2023-54026

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.4.0-rc3

Description A use-after-free issue exists in the Linux kernel related to the handling of OPP (Operational Power Policy) tables after probe deferral. Specifically, when dev pm opp of find icc paths() in allocate opp table() returns -EPROBE DEFER, the OPP table may be freed prematurely. If the OPP table is already added to the global lazy opp tables list, subsequent access can lead to a kernel crash. This occurs because the error path does not remove the table from the list before it is freed. The issue manifests as a kernel NULL pointer dereference during iteration over OPP tables that have already been freed, specifically within the of add opp table v2 function.

Recommendations Update to Linux kernel version 6.4.0-rc3 or later.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2023-54026

RHSA-2024:2394

SUSE-SU-2026:0263-1

SUSE-SU-2026:0278-1

SUSE-SU-2026:0281-1

SUSE-SU-2026:0293-1

SUSE-SU-2026:0315-1

SUSE-SU-2026:0317-1

SUSE-SU-2026:0411-1

SUSE-SU-2026:0617-1

SUSE-SU-2026:20477-1

SUSE-SU-2026:20498-1

SUSE-SU-2026:20845-1

SUSE-SU-2026:20876-1

Affected Products

Linux Kernel

CVE-2023-54026

Related Identifiers

Affected Products

References · 2178