CVE-2023-54249

Summary

In the Linux kernel, the following vulnerability has been resolved:

bus: mhi: ep: Only send -ENOTCONN status if client driver is available

For the STOP and RESET commands, only send the channel disconnect status -ENOTCONN if client driver is available. Otherwise, it will result in null pointer dereference.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxe827569062a804c67b51930ce83a4cb886113cb7 < 353aea15d6edbd4e69e039356a1bd3e641f7d952affected
LinuxLinuxe827569062a804c67b51930ce83a4cb886113cb7 < 860ad591056d7e4dc30bc130b6ec6e6d70930c85affected
LinuxLinuxe827569062a804c67b51930ce83a4cb886113cb7 < e6cebcc27519dcf1652e604c73b9fd4f416987c0affected
LinuxLinux5.19affected
LinuxLinux0 < 5.19unaffected
LinuxLinux6.1.16 <= 6.1.*unaffected
LinuxLinux6.2.3 <= 6.2.*unaffected
LinuxLinux6.3 <= *unaffected

Weaknesses

References