PT-2025-53197 · Linux · Linux Kernel

Published

2023-04-10

Updated

2026-02-24

CVE-2023-54120

CVSS v2.0

6.0

Medium

Vector

AV:L/AC:H/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A race condition exists within the hidp session thread function, potentially leading to a use-after-free issue. Specifically, the timer may remain active while hidp del timer is invoked within the same thread. Subsequently, the session is freed after hidp session put, resulting in a kernel panic when hidp idle timeout is executed. The call trace includes functions such as hidp session probe, call timer fn, and run timers.part.0.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

BDU:2026-02421

CVE-2023-54120

RHSA-2024:2394

SUSE-SU-2026:0263-1

SUSE-SU-2026:0316-1

SUSE-SU-2026:0317-1

SUSE-SU-2026:0411-1

SUSE-SU-2026:0617-1

Affected Products

Linux Kernel

PT-2025-53197 · Linux · Linux Kernel

CVE-2023-54120

Weakness Enumeration

Related Identifiers

Affected Products

References · 1118