CVE-2023-54186
Use-After-Free in Linux Kernel USB Type-C DisplayPort Component

Publication date: 2025-12-30

Last updated on: 2025-12-30

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved:

usb: typec: altmodes/displayport: fix pin_assignment_show

This patch fixes negative indexing of buf array in pin_assignment_show when get_current_pin_assignments returns 0 i.e. no compatible pin assignments are found.

BUG: KASAN: use-after-free in pin_assignment_show+0x26c/0x33c
...
Call trace:
dump_backtrace+0x110/0x204
dump_stack_lvl+0x84/0xbc
print_report+0x358/0x974
kasan_report+0x9c/0xfc
__do_kernel_fault+0xd4/0x2d4
do_bad_area+0x48/0x168
do_tag_check_fault+0x24/0x38
do_mem_abort+0x6c/0x14c
el1_abort+0x44/0x68
el1h_64_sync_handler+0x64/0xa4
el1h_64_sync+0x78/0x7c
pin_assignment_show+0x26c/0x33c
dev_attr_show+0x50/0xc0

Meta Information
Published: 2025-12-30
Last Modified: 2025-12-30
Generated: 2026-06-16
AI Q&A: 2025-12-30
EPSS Evaluated: 2026-06-15

Affected Vendors & Products
Showing 1 associated CPE
Vendor: linux; Product: linux_kernel; Version / Range: *

CWE ID: CWE-UNKNOWN

Executive Summary

This vulnerability is a bug in the Linux kernel's USB Type-C alternate modes DisplayPort implementation. Specifically, it involves a negative indexing issue in the pin_assignment_show function when no compatible pin assignments are found, leading to a use-after-free error. This means the kernel attempts to access memory that has already been freed, which can cause system instability or crashes.
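
A user-space model of the indexing pattern the description names, added here as an example and not the kernel's code: the function names, the name table and the canary harness are assumptions, and the guard shown is one way to handle the empty case.

```c
#include <stdio.h>
#include <string.h>

/* Constructed stand-ins; names and table contents are assumptions. */
static const char *const names[] = { "A", "B", "C", "D", "E", "F" };

/* Pattern described in the CVE text: the trailing space is replaced with
 * '\n' through buf[len - 1], which is buf[-1] when mask == 0. */
static int show_unfixed(unsigned mask, char *buf)
{
    int len = 0;
    for (int i = 0; mask && i < 6; mask >>= 1, i++)
        if (mask & 1)
            len += sprintf(buf + len, "%s ", names[i]);
    buf[len - 1] = '\n';
    return len;
}

/* Guarded form: an empty result still yields one byte, written at buf[0]. */
static int show_guarded(unsigned mask, char *buf)
{
    int len = 0;
    for (int i = 0; mask && i < 6; mask >>= 1, i++)
        if (mask & 1)
            len += sprintf(buf + len, "%s ", names[i]);
    if (len == 0)
        len++;
    buf[len - 1] = '\n';
    return len;
}

/* Runs one variant with a canary byte placed directly before buf and
 * returns 1 if the canary was overwritten (a write to buf[-1]). */
static int clobbers_byte_before_buf(int (*show)(unsigned, char *), unsigned mask)
{
    char page[64];
    memset(page, 0, sizeof(page));
    page[0] = 0x5a;                 /* canary */
    show(mask, page + 1);           /* buf starts one byte into page */
    return page[0] != 0x5a;
}

int main(void)
{
    printf("unfixed, mask=0: clobbered=%d\n", clobbers_byte_before_buf(show_unfixed, 0));
    printf("guarded, mask=0: clobbered=%d\n", clobbers_byte_before_buf(show_guarded, 0));
    return 0;
}
```

In the model the byte before buf belongs to the same array, so the stray write is harmless and observable; in a real sysfs show handler that byte lies outside the buffer handed to the function.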

Impact Analysis

The vulnerability can cause system instability or crashes due to the use-after-free error in the kernel. This could potentially lead to denial of service or unexpected behavior when interacting with USB Type-C DisplayPort alternate modes.
