CVE-2023-54326
Unknown Unknown - Not Provided
Use-After-Free Race Condition in Linux pci_endpoint_test IRQ Handling

Publication date: 2025-12-30

Last updated on: 2025-12-30

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: misc: pci_endpoint_test: Free IRQs before removing the device In pci_endpoint_test_remove(), freeing the IRQs after removing the device creates a small race window for IRQs to be received with the test device memory already released, causing the IRQ handler to access invalid memory, resulting in an oops. Free the device IRQs before removing the device to avoid this issue.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-30
Last Modified
2025-12-30
Generated
2026-06-16
AI Q&A
2025-12-30
EPSS Evaluated
2026-06-14
NVD
CVE-2023-54326
EUVD
EUVD-2023-60478
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux kernel *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability occurs in the Linux kernel's pci_endpoint_test driver. The issue is that IRQs (interrupt requests) are freed after the device is removed, creating a race condition where IRQs can be received while the device memory has already been released. This causes the IRQ handler to access invalid memory, leading to a kernel oops (crash). The fix is to free the IRQs before removing the device to prevent this race condition.

Impact Analysis

This vulnerability can cause the Linux kernel to crash (kernel oops) due to invalid memory access in the IRQ handler. This can lead to system instability, potential denial of service, and unexpected behavior on systems using the affected pci_endpoint_test driver.

Mitigation Strategies

Update the Linux kernel to a version where the pci_endpoint_test driver frees IRQs before removing the device, as this fixes the race condition causing invalid memory access. Ensuring your system runs this patched kernel version will mitigate the vulnerability.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2023-54326. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart