CVE-2023-54053

In the Linux kernel, the following vulnerability has been resolved:

wifi: iwlwifi: pcie: fix possible NULL pointer dereference

It is possible that iwl_pci_probe() will fail and free the trans,
then afterwards iwl_pci_remove() will be called and crash by trying
to access trans which is already freed, fix it.

iwlwifi 0000:01:00.0: Detected crf-id 0xa5a5a5a2, cnv-id 0xa5a5a5a2
		      wfpm id 0xa5a5a5a2
iwlwifi 0000:01:00.0: Can't find a correct rfid for crf id 0x5a2
...
BUG: kernel NULL pointer dereference, address: 0000000000000028
...
RIP: 0010:iwl_pci_remove+0x12/0x30 [iwlwifi]
pci_device_remove+0x3e/0xb0
device_release_driver_internal+0x103/0x1f0
driver_detach+0x4c/0x90
bus_remove_driver+0x5c/0xd0
driver_unregister+0x31/0x50
pci_unregister_driver+0x40/0x90
iwl_pci_unregister_driver+0x15/0x20 [iwlwifi]
__exit_compat+0x9/0x98 [iwlwifi]
__x64_sys_delete_module+0x147/0x260
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
UNKNOWN
---
LinuxCNA
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Debian logo
Debian Releases
Debian Product
Codename
linux
bullseye
5.10.223-1
fixed
bullseye (security)
5.10.247-1
fixed
bookworm
6.1.148-1
fixed
bookworm (security)
6.1.158-1
fixed
trixie
6.12.57-1
fixed
trixie (security)
6.12.48-1
fixed
forky
6.17.12-1
fixed
sid
6.17.13-1
fixed
References
https://git.kernel.org/stable/c/0f9a1bcb94016d3a3c455a77b01f6bb06e15f6eb
https://git.kernel.org/stable/c/0fc0d287c1e7dcb39a3b9bb0f8679cd68c2156c7
https://git.kernel.org/stable/c/7545f21eee1356ec98581125c4dba9c4c0cc7397
https://git.kernel.org/stable/c/b655b9a9f8467684cfa8906713d33b71ea8c8f54
https://git.kernel.org/stable/c/dcd23aa6cc0ded7950b60ce1badb80b84045c6c0
https://git.kernel.org/stable/c/f6f2d16c77f936041b8ac495fceabded4ec6c83c