CVE-2023-54308 (GCVE-0-2023-54308)

Vulnerability from cvelistv5 – Published: 2025-12-30 12:23 – Updated: 2025-12-30 12:23
VLAI?
Title
ALSA: ymfpci: Create card with device-managed snd_devm_card_new()
Summary
In the Linux kernel, the following vulnerability has been resolved: ALSA: ymfpci: Create card with device-managed snd_devm_card_new() snd_card_ymfpci_remove() was removed in commit c6e6bb5eab74 ("ALSA: ymfpci: Allocate resources with device-managed APIs"), but the call to snd_card_new() was not replaced with snd_devm_card_new(). Since there was no longer a call to snd_card_free, unloading the module would eventually result in Oops: [697561.532887] BUG: unable to handle page fault for address: ffffffffc0924480 [697561.532893] #PF: supervisor read access in kernel mode [697561.532896] #PF: error_code(0x0000) - not-present page [697561.532899] PGD ae1e15067 P4D ae1e15067 PUD ae1e17067 PMD 11a8f5067 PTE 0 [697561.532905] Oops: 0000 [#1] PREEMPT SMP NOPTI [697561.532909] CPU: 21 PID: 5080 Comm: wireplumber Tainted: G W OE 6.2.7 #1 [697561.532914] Hardware name: System manufacturer System Product Name/TUF GAMING X570-PLUS, BIOS 4408 10/28/2022 [697561.532916] RIP: 0010:try_module_get.part.0+0x1a/0xe0 [697561.532924] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 44 00 00 55 48 89 e5 41 55 41 54 49 89 fc bf 01 00 00 00 e8 56 3c f8 ff <41> 83 3c 24 02 0f 84 96 00 00 00 41 8b 84 24 30 03 00 00 85 c0 0f [697561.532927] RSP: 0018:ffffbe9b858c3bd8 EFLAGS: 00010246 [697561.532930] RAX: ffff9815d14f1900 RBX: ffff9815c14e6000 RCX: 0000000000000000 [697561.532933] RDX: 0000000000000000 RSI: ffffffffc055092c RDI: ffffffffb3778c1a [697561.532935] RBP: ffffbe9b858c3be8 R08: 0000000000000040 R09: ffff981a1a741380 [697561.532937] R10: ffffbe9b858c3c80 R11: 00000009d56533a6 R12: ffffffffc0924480 [697561.532939] R13: ffff9823439d8500 R14: 0000000000000025 R15: ffff9815cd109f80 [697561.532942] FS: 00007f13084f1f80(0000) GS:ffff9824aef40000(0000) knlGS:0000000000000000 [697561.532945] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [697561.532947] CR2: ffffffffc0924480 CR3: 0000000145344000 CR4: 0000000000350ee0 [697561.532949] Call Trace: [697561.532951] <TASK> [697561.532955] try_module_get+0x13/0x30 [697561.532960] snd_ctl_open+0x61/0x1c0 [snd] [697561.532976] snd_open+0xb4/0x1e0 [snd] [697561.532989] chrdev_open+0xc7/0x240 [697561.532995] ? fsnotify_perm.part.0+0x6e/0x160 [697561.533000] ? __pfx_chrdev_open+0x10/0x10 [697561.533005] do_dentry_open+0x169/0x440 [697561.533009] vfs_open+0x2d/0x40 [697561.533012] path_openat+0xa9d/0x10d0 [697561.533017] ? debug_smp_processor_id+0x17/0x20 [697561.533022] ? trigger_load_balance+0x65/0x370 [697561.533026] do_filp_open+0xb2/0x160 [697561.533032] ? _raw_spin_unlock+0x19/0x40 [697561.533036] ? alloc_fd+0xa9/0x190 [697561.533040] do_sys_openat2+0x9f/0x160 [697561.533044] __x64_sys_openat+0x55/0x90 [697561.533048] do_syscall_64+0x3b/0x90 [697561.533052] entry_SYSCALL_64_after_hwframe+0x72/0xdc [697561.533056] RIP: 0033:0x7f1308a40db4 [697561.533059] Code: 24 20 eb 8f 66 90 44 89 54 24 0c e8 46 68 f8 ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 32 44 89 c7 89 44 24 0c e8 78 68 f8 ff 8b 44 [697561.533062] RSP: 002b:00007ffcce664450 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [697561.533066] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f1308a40db4 [697561.533068] RDX: 0000000000080000 RSI: 00007ffcce664690 RDI: 00000000ffffff9c [697561.533070] RBP: 00007ffcce664690 R08: 0000000000000000 R09: 0000000000000012 [697561.533072] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000080000 [697561.533074] R13: 00007f13054b069b R14: 0000565209f83200 R15: 0000000000000000 [697561.533078] </TASK>
Severity ?
No CVSS data available.
Assigner
References
Impacted products
Vendor Product Version
Linux Linux Affected: c6e6bb5eab7457a938c0405d5ccf319d3ee735c1 , < 95642872c466030240199ba796a40771c493ed0c (git)
Affected: c6e6bb5eab7457a938c0405d5ccf319d3ee735c1 , < db7d7782677ff998c06997903d5400a0ba91cebb (git)
Affected: c6e6bb5eab7457a938c0405d5ccf319d3ee735c1 , < 255a81a89501df77379b51a81c7a2e8e7c359bc6 (git)
Affected: c6e6bb5eab7457a938c0405d5ccf319d3ee735c1 , < f33fc1576757741479452255132d6e3aaf558ffe (git)
Create a notification for this product.
    Linux Linux Affected: 5.15
Unaffected: 0 , < 5.15 (semver)
Unaffected: 5.15.106 , ≤ 5.15.* (semver)
Unaffected: 6.1.23 , ≤ 6.1.* (semver)
Unaffected: 6.2.10 , ≤ 6.2.* (semver)
Unaffected: 6.3 , ≤ * (original_commit_for_fix)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "sound/pci/ymfpci/ymfpci.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "95642872c466030240199ba796a40771c493ed0c",
              "status": "affected",
              "version": "c6e6bb5eab7457a938c0405d5ccf319d3ee735c1",
              "versionType": "git"
            },
            {
              "lessThan": "db7d7782677ff998c06997903d5400a0ba91cebb",
              "status": "affected",
              "version": "c6e6bb5eab7457a938c0405d5ccf319d3ee735c1",
              "versionType": "git"
            },
            {
              "lessThan": "255a81a89501df77379b51a81c7a2e8e7c359bc6",
              "status": "affected",
              "version": "c6e6bb5eab7457a938c0405d5ccf319d3ee735c1",
              "versionType": "git"
            },
            {
              "lessThan": "f33fc1576757741479452255132d6e3aaf558ffe",
              "status": "affected",
              "version": "c6e6bb5eab7457a938c0405d5ccf319d3ee735c1",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "sound/pci/ymfpci/ymfpci.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.15"
            },
            {
              "lessThan": "5.15",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.106",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.23",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.2.*",
              "status": "unaffected",
              "version": "6.2.10",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.3",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.106",
                  "versionStartIncluding": "5.15",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.23",
                  "versionStartIncluding": "5.15",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.2.10",
                  "versionStartIncluding": "5.15",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.3",
                  "versionStartIncluding": "5.15",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: ymfpci: Create card with device-managed snd_devm_card_new()\n\nsnd_card_ymfpci_remove() was removed in commit c6e6bb5eab74 (\"ALSA:\nymfpci: Allocate resources with device-managed APIs\"), but the call to\nsnd_card_new() was not replaced with snd_devm_card_new().\n\nSince there was no longer a call to snd_card_free, unloading the module\nwould eventually result in Oops:\n\n[697561.532887] BUG: unable to handle page fault for address: ffffffffc0924480\n[697561.532893] #PF: supervisor read access in kernel mode\n[697561.532896] #PF: error_code(0x0000) - not-present page\n[697561.532899] PGD ae1e15067 P4D ae1e15067 PUD ae1e17067 PMD 11a8f5067 PTE 0\n[697561.532905] Oops: 0000 [#1] PREEMPT SMP NOPTI\n[697561.532909] CPU: 21 PID: 5080 Comm: wireplumber Tainted: G        W  OE      6.2.7 #1\n[697561.532914] Hardware name: System manufacturer System Product Name/TUF GAMING X570-PLUS, BIOS 4408 10/28/2022\n[697561.532916] RIP: 0010:try_module_get.part.0+0x1a/0xe0\n[697561.532924] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 44 00 00 55 48 89 e5 41 55 41 54 49 89 fc bf 01 00 00 00 e8 56 3c f8 ff \u003c41\u003e 83 3c 24 02 0f 84 96 00 00 00 41 8b 84 24 30 03 00 00 85 c0 0f\n[697561.532927] RSP: 0018:ffffbe9b858c3bd8 EFLAGS: 00010246\n[697561.532930] RAX: ffff9815d14f1900 RBX: ffff9815c14e6000 RCX: 0000000000000000\n[697561.532933] RDX: 0000000000000000 RSI: ffffffffc055092c RDI: ffffffffb3778c1a\n[697561.532935] RBP: ffffbe9b858c3be8 R08: 0000000000000040 R09: ffff981a1a741380\n[697561.532937] R10: ffffbe9b858c3c80 R11: 00000009d56533a6 R12: ffffffffc0924480\n[697561.532939] R13: ffff9823439d8500 R14: 0000000000000025 R15: ffff9815cd109f80\n[697561.532942] FS:  00007f13084f1f80(0000) GS:ffff9824aef40000(0000) knlGS:0000000000000000\n[697561.532945] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[697561.532947] CR2: ffffffffc0924480 CR3: 0000000145344000 CR4: 0000000000350ee0\n[697561.532949] Call Trace:\n[697561.532951]  \u003cTASK\u003e\n[697561.532955]  try_module_get+0x13/0x30\n[697561.532960]  snd_ctl_open+0x61/0x1c0 [snd]\n[697561.532976]  snd_open+0xb4/0x1e0 [snd]\n[697561.532989]  chrdev_open+0xc7/0x240\n[697561.532995]  ? fsnotify_perm.part.0+0x6e/0x160\n[697561.533000]  ? __pfx_chrdev_open+0x10/0x10\n[697561.533005]  do_dentry_open+0x169/0x440\n[697561.533009]  vfs_open+0x2d/0x40\n[697561.533012]  path_openat+0xa9d/0x10d0\n[697561.533017]  ? debug_smp_processor_id+0x17/0x20\n[697561.533022]  ? trigger_load_balance+0x65/0x370\n[697561.533026]  do_filp_open+0xb2/0x160\n[697561.533032]  ? _raw_spin_unlock+0x19/0x40\n[697561.533036]  ? alloc_fd+0xa9/0x190\n[697561.533040]  do_sys_openat2+0x9f/0x160\n[697561.533044]  __x64_sys_openat+0x55/0x90\n[697561.533048]  do_syscall_64+0x3b/0x90\n[697561.533052]  entry_SYSCALL_64_after_hwframe+0x72/0xdc\n[697561.533056] RIP: 0033:0x7f1308a40db4\n[697561.533059] Code: 24 20 eb 8f 66 90 44 89 54 24 0c e8 46 68 f8 ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 32 44 89 c7 89 44 24 0c e8 78 68 f8 ff 8b 44\n[697561.533062] RSP: 002b:00007ffcce664450 EFLAGS: 00000293 ORIG_RAX: 0000000000000101\n[697561.533066] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f1308a40db4\n[697561.533068] RDX: 0000000000080000 RSI: 00007ffcce664690 RDI: 00000000ffffff9c\n[697561.533070] RBP: 00007ffcce664690 R08: 0000000000000000 R09: 0000000000000012\n[697561.533072] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000080000\n[697561.533074] R13: 00007f13054b069b R14: 0000565209f83200 R15: 0000000000000000\n[697561.533078]  \u003c/TASK\u003e"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-30T12:23:41.163Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/95642872c466030240199ba796a40771c493ed0c"
        },
        {
          "url": "https://git.kernel.org/stable/c/db7d7782677ff998c06997903d5400a0ba91cebb"
        },
        {
          "url": "https://git.kernel.org/stable/c/255a81a89501df77379b51a81c7a2e8e7c359bc6"
        },
        {
          "url": "https://git.kernel.org/stable/c/f33fc1576757741479452255132d6e3aaf558ffe"
        }
      ],
      "title": "ALSA: ymfpci: Create card with device-managed snd_devm_card_new()",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-54308",
    "datePublished": "2025-12-30T12:23:41.163Z",
    "dateReserved": "2025-12-30T12:06:44.530Z",
    "dateUpdated": "2025-12-30T12:23:41.163Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-54308\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-12-30T13:16:19.973\",\"lastModified\":\"2025-12-30T13:16:19.973\",\"vulnStatus\":\"Received\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nALSA: ymfpci: Create card with device-managed snd_devm_card_new()\\n\\nsnd_card_ymfpci_remove() was removed in commit c6e6bb5eab74 (\\\"ALSA:\\nymfpci: Allocate resources with device-managed APIs\\\"), but the call to\\nsnd_card_new() was not replaced with snd_devm_card_new().\\n\\nSince there was no longer a call to snd_card_free, unloading the module\\nwould eventually result in Oops:\\n\\n[697561.532887] BUG: unable to handle page fault for address: ffffffffc0924480\\n[697561.532893] #PF: supervisor read access in kernel mode\\n[697561.532896] #PF: error_code(0x0000) - not-present page\\n[697561.532899] PGD ae1e15067 P4D ae1e15067 PUD ae1e17067 PMD 11a8f5067 PTE 0\\n[697561.532905] Oops: 0000 [#1] PREEMPT SMP NOPTI\\n[697561.532909] CPU: 21 PID: 5080 Comm: wireplumber Tainted: G        W  OE      6.2.7 #1\\n[697561.532914] Hardware name: System manufacturer System Product Name/TUF GAMING X570-PLUS, BIOS 4408 10/28/2022\\n[697561.532916] RIP: 0010:try_module_get.part.0+0x1a/0xe0\\n[697561.532924] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 44 00 00 55 48 89 e5 41 55 41 54 49 89 fc bf 01 00 00 00 e8 56 3c f8 ff \u003c41\u003e 83 3c 24 02 0f 84 96 00 00 00 41 8b 84 24 30 03 00 00 85 c0 0f\\n[697561.532927] RSP: 0018:ffffbe9b858c3bd8 EFLAGS: 00010246\\n[697561.532930] RAX: ffff9815d14f1900 RBX: ffff9815c14e6000 RCX: 0000000000000000\\n[697561.532933] RDX: 0000000000000000 RSI: ffffffffc055092c RDI: ffffffffb3778c1a\\n[697561.532935] RBP: ffffbe9b858c3be8 R08: 0000000000000040 R09: ffff981a1a741380\\n[697561.532937] R10: ffffbe9b858c3c80 R11: 00000009d56533a6 R12: ffffffffc0924480\\n[697561.532939] R13: ffff9823439d8500 R14: 0000000000000025 R15: ffff9815cd109f80\\n[697561.532942] FS:  00007f13084f1f80(0000) GS:ffff9824aef40000(0000) knlGS:0000000000000000\\n[697561.532945] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\\n[697561.532947] CR2: ffffffffc0924480 CR3: 0000000145344000 CR4: 0000000000350ee0\\n[697561.532949] Call Trace:\\n[697561.532951]  \u003cTASK\u003e\\n[697561.532955]  try_module_get+0x13/0x30\\n[697561.532960]  snd_ctl_open+0x61/0x1c0 [snd]\\n[697561.532976]  snd_open+0xb4/0x1e0 [snd]\\n[697561.532989]  chrdev_open+0xc7/0x240\\n[697561.532995]  ? fsnotify_perm.part.0+0x6e/0x160\\n[697561.533000]  ? __pfx_chrdev_open+0x10/0x10\\n[697561.533005]  do_dentry_open+0x169/0x440\\n[697561.533009]  vfs_open+0x2d/0x40\\n[697561.533012]  path_openat+0xa9d/0x10d0\\n[697561.533017]  ? debug_smp_processor_id+0x17/0x20\\n[697561.533022]  ? trigger_load_balance+0x65/0x370\\n[697561.533026]  do_filp_open+0xb2/0x160\\n[697561.533032]  ? _raw_spin_unlock+0x19/0x40\\n[697561.533036]  ? alloc_fd+0xa9/0x190\\n[697561.533040]  do_sys_openat2+0x9f/0x160\\n[697561.533044]  __x64_sys_openat+0x55/0x90\\n[697561.533048]  do_syscall_64+0x3b/0x90\\n[697561.533052]  entry_SYSCALL_64_after_hwframe+0x72/0xdc\\n[697561.533056] RIP: 0033:0x7f1308a40db4\\n[697561.533059] Code: 24 20 eb 8f 66 90 44 89 54 24 0c e8 46 68 f8 ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 32 44 89 c7 89 44 24 0c e8 78 68 f8 ff 8b 44\\n[697561.533062] RSP: 002b:00007ffcce664450 EFLAGS: 00000293 ORIG_RAX: 0000000000000101\\n[697561.533066] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f1308a40db4\\n[697561.533068] RDX: 0000000000080000 RSI: 00007ffcce664690 RDI: 00000000ffffff9c\\n[697561.533070] RBP: 00007ffcce664690 R08: 0000000000000000 R09: 0000000000000012\\n[697561.533072] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000080000\\n[697561.533074] R13: 00007f13054b069b R14: 0000565209f83200 R15: 0000000000000000\\n[697561.533078]  \u003c/TASK\u003e\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/255a81a89501df77379b51a81c7a2e8e7c359bc6\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/95642872c466030240199ba796a40771c493ed0c\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/db7d7782677ff998c06997903d5400a0ba91cebb\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/f33fc1576757741479452255132d6e3aaf558ffe\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.