CVE-2023-54108
Unknown Unknown - Not Provided
DMA Mapping Error in Linux qla2xxx Driver Causes Kernel Warning

Publication date: 2025-12-24

Last updated on: 2025-12-24

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix DMA-API call trace on NVMe LS requests The following message and call trace was seen with debug kernels: DMA-API: qla2xxx 0000:41:00.0: device driver failed to check map error [device address=0x00000002a3ff38d8] [size=1024 bytes] [mapped as single] WARNING: CPU: 0 PID: 2930 at kernel/dma/debug.c:1017 check_unmap+0xf42/0x1990 Call Trace: debug_dma_unmap_page+0xc9/0x100 qla_nvme_ls_unmap+0x141/0x210 [qla2xxx] Remove DMA mapping from the driver altogether, as it is already done by FC layer. This prevents the warning.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-24
Last Modified
2025-12-24
Generated
2026-06-16
AI Q&A
2025-12-24
EPSS Evaluated
2026-06-15
NVD
CVE-2023-54108
EUVD
EUVD-2023-60337
Affected Vendors & Products
Showing 3 associated CPEs
Vendor Product Version / Range
linux kernel *
qlogic qla2xxx *
linux linux_kernel *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability involves the qla2xxx driver in the Linux kernel, where the driver incorrectly handled DMA (Direct Memory Access) API calls for NVMe LS requests. Specifically, the driver failed to properly check the DMA mapping and unmapping, causing warnings and potential issues in the kernel debug logs. The fix removes the DMA mapping from the driver because it is already handled by the Fibre Channel (FC) layer, preventing these warnings.

Impact Analysis

The vulnerability causes kernel warnings related to improper DMA mapping checks in the qla2xxx driver. While the description does not specify direct security impacts, such warnings could indicate potential instability or improper handling of memory mappings in the kernel, which might affect system reliability or debugging. The fix prevents these warnings by removing redundant DMA mapping calls.

Detection Guidance

This vulnerability can be detected by observing the specific warning message and call trace in the kernel logs on systems running debug kernels. Look for the message: 'DMA-API: qla2xxx 0000:41:00.0: device driver failed to check map error' along with the call trace involving 'check_unmap', 'debug_dma_unmap_page', and 'qla_nvme_ls_unmap'. You can use commands such as 'dmesg | grep qla2xxx' or 'journalctl -k | grep qla2xxx' to search for these warnings in kernel logs.

Mitigation Strategies

The immediate mitigation is to update the Linux kernel to a version where the qla2xxx driver has removed the redundant DMA mapping calls, as the Fibre Channel (FC) layer already handles DMA mapping. This update prevents the warning and fixes the vulnerability. Until then, monitoring for the warning messages can help identify affected systems.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2023-54108. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart