Null Pointer Dereference in Linux Kernel Driver Core Issue
CVE-2023-54321

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
30 December 2025

What is CVE-2023-54321?

The Linux kernel contains a vulnerability in the driver core where a null pointer dereference can occur during the device addition process. This issue arises when the device's driver is set but the driver is not fully bound. Specifically, if an error occurs post bus_add_device() call in device_add(), and bus_remove_device() is triggered without a corresponding device_bind_driver() call, it results in an attempt to access a null 'knode_driver'. The fix involves ensuring that the device's driver pointer is nulled out on error paths before any device removal processes occur.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 57eee3d23e8833ca18708b374c648235691942ba < 97aa8fb74bbe9aaf4ed5962a784f73b071bd16bf

Linux 57eee3d23e8833ca18708b374c648235691942ba < 2c59650d078b1b3f1ea50d5f8ee9fcc537dc02d3

Linux 57eee3d23e8833ca18708b374c648235691942ba < 7cf515bf9e8c2908dc170ecf2df117162a16c9c5

References

https://git.kernel.org/stable/c/97aa8fb74bbe9aaf4ed5962a7...
https://git.kernel.org/stable/c/2c59650d078b1b3f1ea50d5f8...
https://git.kernel.org/stable/c/7cf515bf9e8c2908dc170ecf2...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.