PT-2025-54003 · Linux · Linux Kernel
Published
2025-12-30
·
Updated
2026-01-01
·
CVE-2023-54174
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
The Linux kernel contains a flaw where a NULL pointer dereference can occur due to an uninitialized
group->iommufd. This issue is present in the iommufd ctx put() function and can be triggered through the vfio group fops unl ioctl function. The issue results in a kernel panic, as indicated by a 'BUG: kernel NULL pointer dereference' message. The call trace includes iommufd ctx put, vfio group fops unl ioctl, and system call functions.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Linux Kernel