CVE-2023-54087
Null Pointer Dereference in Linux Kernel UBI Volume Management
Publication date: 2025-12-24
Last updated on: 2025-12-24
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
| linux | kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a null pointer dereference in the Linux kernel's ubi_free_volume() function. It occurs when ubi_add_volume() fails during device registration, leading to kill_volumes() calling ubi_free_volume(), which attempts to delete devices that were never successfully added. This causes a null pointer dereference because ubi_free_volume() does not check if the device was added before trying to delete it. The fix involves handling the error case in ubi_add_volume() by setting the corresponding volume to null if adding the volume fails, preventing access to invalid volumes during cleanup.
How can this vulnerability impact me? :
This vulnerability can cause a null pointer dereference in the Linux kernel, which may lead to a kernel crash or system instability. Such crashes can result in denial of service, affecting the availability of the system or device using the affected Linux kernel.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, update the Linux kernel to a version where the ubi_free_volume() function properly handles error cases in ubi_add_volume(), ensuring that volumes are set to null if adding fails. This prevents null pointer dereferences by avoiding attempts to delete devices that were not successfully added.