FKIE_CVE-2023-54044

Vulnerability from fkie_nvd - Published: 2025-12-24 13:16 - Updated: 2025-12-24 13:16
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: spmi: Add a check for remove callback when removing a SPMI driver When removing a SPMI driver, there can be a crash due to NULL pointer dereference if it does not have a remove callback defined. This is one such call trace observed when removing the QCOM SPMI PMIC driver: dump_backtrace.cfi_jt+0x0/0x8 dump_stack_lvl+0xd8/0x16c panic+0x188/0x498 __cfi_slowpath+0x0/0x214 __cfi_slowpath+0x1dc/0x214 spmi_drv_remove+0x16c/0x1e0 device_release_driver_internal+0x468/0x79c driver_detach+0x11c/0x1a0 bus_remove_driver+0xc4/0x124 driver_unregister+0x58/0x84 cleanup_module+0x1c/0xc24 [qcom_spmi_pmic] __do_sys_delete_module+0x3ec/0x53c __arm64_sys_delete_module+0x18/0x28 el0_svc_common+0xdc/0x294 el0_svc+0x38/0x9c el0_sync_handler+0x8c/0xf0 el0_sync+0x1b4/0x1c0 If a driver has all its resources allocated through devm_() APIs and does not need any other explicit cleanup, it would not require a remove callback to be defined. Hence, add a check for remove callback presence before calling it when removing a SPMI driver.
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/0f3ef30c1c05502f5de3b73b3715d5994845c1b4
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/428cc252701d6864151f3a296ffc23e1e49a7408
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/54dda732225555dc6d660e95793c54a0a44b612c
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/699949219e35fe29fd42ccf8cd92c989c3d15109
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/af763c29b9e7040fedd0077bca053b101438a3a4
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/b56eef3e16d888883fefab47425036de80dd38fc
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/b95a69214daea4aab1c8bad96571d988a62e2c97
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/c45ab3ab9c371c9ac22bbe1217e5abb2e55a3d4b
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/ee0b6146317a98bfec848d7bde5586beb245a38f
Impacted products
Vendor Product Version
To clipboard 

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nspmi: Add a check for remove callback when removing a SPMI driver\n\nWhen removing a SPMI driver, there can be a crash due to NULL pointer\ndereference if it does not have a remove callback defined. This is\none such call trace observed when removing the QCOM SPMI PMIC driver:\n\n dump_backtrace.cfi_jt+0x0/0x8\n dump_stack_lvl+0xd8/0x16c\n panic+0x188/0x498\n __cfi_slowpath+0x0/0x214\n __cfi_slowpath+0x1dc/0x214\n spmi_drv_remove+0x16c/0x1e0\n device_release_driver_internal+0x468/0x79c\n driver_detach+0x11c/0x1a0\n bus_remove_driver+0xc4/0x124\n driver_unregister+0x58/0x84\n cleanup_module+0x1c/0xc24 [qcom_spmi_pmic]\n __do_sys_delete_module+0x3ec/0x53c\n __arm64_sys_delete_module+0x18/0x28\n el0_svc_common+0xdc/0x294\n el0_svc+0x38/0x9c\n el0_sync_handler+0x8c/0xf0\n el0_sync+0x1b4/0x1c0\n\nIf a driver has all its resources allocated through devm_() APIs and\ndoes not need any other explicit cleanup, it would not require a\nremove callback to be defined. Hence, add a check for remove callback\npresence before calling it when removing a SPMI driver."
    }
  ],
  "id": "CVE-2023-54044",
  "lastModified": "2025-12-24T13:16:06.030",
  "metrics": {},
  "published": "2025-12-24T13:16:06.030",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/0f3ef30c1c05502f5de3b73b3715d5994845c1b4"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/428cc252701d6864151f3a296ffc23e1e49a7408"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/54dda732225555dc6d660e95793c54a0a44b612c"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/699949219e35fe29fd42ccf8cd92c989c3d15109"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/af763c29b9e7040fedd0077bca053b101438a3a4"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/b56eef3e16d888883fefab47425036de80dd38fc"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/b95a69214daea4aab1c8bad96571d988a62e2c97"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/c45ab3ab9c371c9ac22bbe1217e5abb2e55a3d4b"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/ee0b6146317a98bfec848d7bde5586beb245a38f"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Received"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.