CVE-2023-54256

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the Linux kernel’s USB DWC3 driver. A device side reset is incorrectly issued even when the DWC3 is configured as host-only during boot due to an uninitialized current dr role. This can lead to a kernel panic on some platforms with host-only DWC3 configurations when accessing the device register block. The issue stems from a commit (c4a5153e87fd) that replaced a check for HOST only dr mode with current dr role, but the latter is not initialized during boot.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.