CVE-2023-54083

Published: Dec 24, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: phy: tegra: xusb: Clear the driver reference in usb-phy dev For the dual-role port, it will assign the phy dev to usb-phy dev and use the port dev driver as the dev driver of usb-phy. When we try to destroy the port dev, it will destroy its dev driver as well. But we did not remove the reference from usb-phy dev. This might cause the use-after-free issue in KASAN.

Vendor	Product	Versions
Linux	Linux	affected `e8f7d2f409a15c519d5a6085777d85c1c4bab73a - < b6a107c52073496d2e5d2837915f59fb3103832f` affected `e8f7d2f409a15c519d5a6085777d85c1c4bab73a - < b84998a407a882991916b1a61d987c400d8a0ce6` affected `e8f7d2f409a15c519d5a6085777d85c1c4bab73a - < 238edc04ddb9d272b38f5419bcd419ad3b92b91b` affected `e8f7d2f409a15c519d5a6085777d85c1c4bab73a - < 82187460347ad58fd6b06d2883da73c3f2df9631` affected `e8f7d2f409a15c519d5a6085777d85c1c4bab73a - < c0c2fcb1325d0d4f3b322b5ee49385f8eca2560d`
Linux	Linux	affected `5.7` unaffected `0 - < 5.7` unaffected `5.10.188 - <= 5.10.` unaffected `5.15.121 - <= 5.15.` unaffected `6.1.39 - <= 6.1.*` +2 more versions

References

https://git.kernel.org/stable/c/b6a107c52073496d2e5d2837915f59fb3103832f

https://git.kernel.org/stable/c/b84998a407a882991916b1a61d987c400d8a0ce6

https://git.kernel.org/stable/c/238edc04ddb9d272b38f5419bcd419ad3b92b91b

https://git.kernel.org/stable/c/82187460347ad58fd6b06d2883da73c3f2df9631

https://git.kernel.org/stable/c/c0c2fcb1325d0d4f3b322b5ee49385f8eca2560d

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-54083

Description

Affected Products

References