CVE-2023-54101 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: driver: soc: xilinx: use _safe loop iterator to avoid a use after free The hash_for_each_possible() loop dereferences "eve_data" to get the next item on the list. However the loop frees eve_data so it leads to a use after free. Use hash_for_each_possible_safe() instead.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/256aace3a5d8c987183ba4832dffb36f48ea7d3b
https://git.kernel.org/stable/c/49fca83f6f3f0cafe5bf5b43e8ee81cf73c2d5e0
https://git.kernel.org/stable/c/c58da0ba3e5c86e51e2c1557afaf6f71e00c4533
https://git.kernel.org/stable/c/f16599e638073ef0b2828bb64f5e99138e9381b5

History

Wed, 24 Dec 2025 13:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: driver: soc: xilinx: use _safe loop iterator to avoid a use after free The hash_for_each_possible() loop dereferences "eve_data" to get the next item on the list. However the loop frees eve_data so it leads to a use after free. Use hash_for_each_possible_safe() instead.
Title		driver: soc: xilinx: use _safe loop iterator to avoid a use after free
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/256aace3a5d8c987183ba4832dffb36f48ea7d3b https://git.kernel.org/stable/c/49fca83f6f3f0cafe5bf5b43e8ee81cf73c2d5e0 https://git.kernel.org/stable/c/c58da0ba3e5c86e51e2c1557afaf6f71e00c4533 https://git.kernel.org/stable/c/f16599e638073ef0b2828bb64f5e99138e9381b5

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-12-24T13:06:27.234Z

Updated: 2025-12-24T13:06:27.234Z

Reserved: 2025-12-24T13:02:52.517Z

Link: CVE-2023-54101

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-12-24T13:16:11.997

Modified: 2025-12-24T13:16:11.997

Link: CVE-2023-54101

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2023-54101", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-12-24T13:02:52.517Z", "datePublished": "2025-12-24T13:06:27.234Z", "dateUpdated": "2025-12-24T13:06:27.234Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-12-24T13:06:27.234Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndriver: soc: xilinx: use _safe loop iterator to avoid a use after free\n\nThe hash_for_each_possible() loop dereferences \"eve_data\" to get the\nnext item on the list. However the loop frees eve_data so it leads to\na use after free. Use hash_for_each_possible_safe() instead."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/soc/xilinx/xlnx_event_manager.c"], "versions": [{"version": "c7fdb2404f66131bc9c22e06f712717288826487", "lessThan": "49fca83f6f3f0cafe5bf5b43e8ee81cf73c2d5e0", "status": "affected", "versionType": "git"}, {"version": "c7fdb2404f66131bc9c22e06f712717288826487", "lessThan": "f16599e638073ef0b2828bb64f5e99138e9381b5", "status": "affected", "versionType": "git"}, {"version": "c7fdb2404f66131bc9c22e06f712717288826487", "lessThan": "256aace3a5d8c987183ba4832dffb36f48ea7d3b", "status": "affected", "versionType": "git"}, {"version": "c7fdb2404f66131bc9c22e06f712717288826487", "lessThan": "c58da0ba3e5c86e51e2c1557afaf6f71e00c4533", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/soc/xilinx/xlnx_event_manager.c"], "versions": [{"version": "5.17", "status": "affected"}, {"version": "0", "lessThan": "5.17", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.39", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.3.13", "lessThanOrEqual": "6.3.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.4.4", "lessThanOrEqual": "6.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.5", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.17", "versionEndExcluding": "6.1.39"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.17", "versionEndExcluding": "6.3.13"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.17", "versionEndExcluding": "6.4.4"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.17", "versionEndExcluding": "6.5"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/49fca83f6f3f0cafe5bf5b43e8ee81cf73c2d5e0"}, {"url": "https://git.kernel.org/stable/c/f16599e638073ef0b2828bb64f5e99138e9381b5"}, {"url": "https://git.kernel.org/stable/c/256aace3a5d8c987183ba4832dffb36f48ea7d3b"}, {"url": "https://git.kernel.org/stable/c/c58da0ba3e5c86e51e2c1557afaf6f71e00c4533"}], "title": "driver: soc: xilinx: use _safe loop iterator to avoid a use after free", "x_generator": {"engine": "bippy-1.2.0"}}}}