CVE-2023-54044

Published: Dec 24, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: spmi: Add a check for remove callback when removing a SPMI driver When removing a SPMI driver, there can be a crash due to NULL pointer dereference if it does not have a remove callback defined. This is one such call trace observed when removing the QCOM SPMI PMIC driver: dump_backtrace.cfi_jt+0x0/0x8 dump_stack_lvl+0xd8/0x16c panic+0x188/0x498 __cfi_slowpath+0x0/0x214 __cfi_slowpath+0x1dc/0x214 spmi_drv_remove+0x16c/0x1e0 device_release_driver_internal+0x468/0x79c driver_detach+0x11c/0x1a0 bus_remove_driver+0xc4/0x124 driver_unregister+0x58/0x84 cleanup_module+0x1c/0xc24 [qcom_spmi_pmic] __do_sys_delete_module+0x3ec/0x53c __arm64_sys_delete_module+0x18/0x28 el0_svc_common+0xdc/0x294 el0_svc+0x38/0x9c el0_sync_handler+0x8c/0xf0 el0_sync+0x1b4/0x1c0 If a driver has all its resources allocated through devm_() APIs and does not need any other explicit cleanup, it would not require a remove callback to be defined. Hence, add a check for remove callback presence before calling it when removing a SPMI driver.

Vendor	Product	Versions
Linux	Linux	affected `5a86bf343976b9c8ab2f240bc866451fa67e5573 - < b95a69214daea4aab1c8bad96571d988a62e2c97` affected `5a86bf343976b9c8ab2f240bc866451fa67e5573 - < 699949219e35fe29fd42ccf8cd92c989c3d15109` affected `5a86bf343976b9c8ab2f240bc866451fa67e5573 - < 54dda732225555dc6d660e95793c54a0a44b612c` affected `5a86bf343976b9c8ab2f240bc866451fa67e5573 - < c45ab3ab9c371c9ac22bbe1217e5abb2e55a3d4b` affected `5a86bf343976b9c8ab2f240bc866451fa67e5573 - < ee0b6146317a98bfec848d7bde5586beb245a38f` +4 more versions
Linux	Linux	affected `3.15` unaffected `0 - < 3.15` unaffected `4.14.315 - <= 4.14.` unaffected `4.19.283 - <= 4.19.` unaffected `5.4.243 - <= 5.4.*` +6 more versions