CVE-2023-54087

NONE EPSS 8.2%
Published Dec 24, 20256mo ago · Modified Jun 17, 20262w ago
Find Similar
Published Dec 24, 2025 6mo ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: ubi: Fix possible null-ptr-deref in ubi_free_volume() It willl cause null-ptr-deref in the following case: uif_init() ubi_add_volume() cdev_add() -> if it fails, call kill_volumes() device_register() kill_volumes() -> if ubi_add_volume() fails call this function ubi_free_volume() cdev_del() device_unregister() -> trying to delete a not added device, it causes null-ptr-deref So in ubi_free_volume(), it delete devices whether they are added or not, it will causes null-ptr-deref. Handle the error case whlie calling ubi_add_volume() to fix this problem. If add volume fails, set the corresponding vol to null, so it can not be accessed in kill_volumes() and release the resource in ubi_add_volume() error path.

Threat Intelligence

EPSS Exploit Probability
8.2% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

References 8

  • git.kernel.org https://git.kernel.org/stable/c/234c53e57424992e657e6f4acc00d3df0983176f
  • git.kernel.org https://git.kernel.org/stable/c/2ea7195b195009ecf0046e55361f393ba96d02db
  • git.kernel.org https://git.kernel.org/stable/c/45b2c5ca4d2edae70f19fdb086bd927840c4c309
  • git.kernel.org https://git.kernel.org/stable/c/5558bcf1c58720ca6e9d6198d921cb3aa337f038
  • git.kernel.org https://git.kernel.org/stable/c/5ec4c8aca5a221756a9007deadfea92795319fee
  • git.kernel.org https://git.kernel.org/stable/c/9eccdb0760cbcb4427b5303a83a3007de998af51
  • git.kernel.org https://git.kernel.org/stable/c/c15859bfd326c10230f09cb48a17f8a35f190342
  • git.kernel.org https://git.kernel.org/stable/c/fcbc795abe7897da4b5d2a6ab5010e36774b00c2

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.