CVE-2023-54249 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: ep: Only send -ENOTCONN status if client driver is available For the STOP and RESET commands, only send the channel disconnect status -ENOTCONN if client driver is available. Otherwise, it will result in null pointer dereference.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/353aea15d6edbd4e69e039356a1bd3e641f7d952
https://git.kernel.org/stable/c/860ad591056d7e4dc30bc130b6ec6e6d70930c85
https://git.kernel.org/stable/c/e6cebcc27519dcf1652e604c73b9fd4f416987c0

History

Tue, 30 Dec 2025 12:30:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: bus: mhi: ep: Only send -ENOTCONN status if client driver is available For the STOP and RESET commands, only send the channel disconnect status -ENOTCONN if client driver is available. Otherwise, it will result in null pointer dereference.
Title		bus: mhi: ep: Only send -ENOTCONN status if client driver is available
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/353aea15d6edbd4e69e039356a1bd3e641f7d952 https://git.kernel.org/stable/c/860ad591056d7e4dc30bc130b6ec6e6d70930c85 https://git.kernel.org/stable/c/e6cebcc27519dcf1652e604c73b9fd4f416987c0

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-12-30T12:15:46.798Z

Updated: 2025-12-30T12:15:46.798Z

Reserved: 2025-12-30T12:06:44.514Z

Link: CVE-2023-54249

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-12-30T13:16:13.550

Modified: 2025-12-30T13:16:13.550

Link: CVE-2023-54249

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2023-54249", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-12-30T12:06:44.514Z", "datePublished": "2025-12-30T12:15:46.798Z", "dateUpdated": "2025-12-30T12:15:46.798Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-12-30T12:15:46.798Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbus: mhi: ep: Only send -ENOTCONN status if client driver is available\n\nFor the STOP and RESET commands, only send the channel disconnect status\n-ENOTCONN if client driver is available. Otherwise, it will result in\nnull pointer dereference."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/bus/mhi/ep/main.c"], "versions": [{"version": "e827569062a804c67b51930ce83a4cb886113cb7", "lessThan": "353aea15d6edbd4e69e039356a1bd3e641f7d952", "status": "affected", "versionType": "git"}, {"version": "e827569062a804c67b51930ce83a4cb886113cb7", "lessThan": "860ad591056d7e4dc30bc130b6ec6e6d70930c85", "status": "affected", "versionType": "git"}, {"version": "e827569062a804c67b51930ce83a4cb886113cb7", "lessThan": "e6cebcc27519dcf1652e604c73b9fd4f416987c0", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/bus/mhi/ep/main.c"], "versions": [{"version": "5.19", "status": "affected"}, {"version": "0", "lessThan": "5.19", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.16", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.2.3", "lessThanOrEqual": "6.2.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.3", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.19", "versionEndExcluding": "6.1.16"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.19", "versionEndExcluding": "6.2.3"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.19", "versionEndExcluding": "6.3"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/353aea15d6edbd4e69e039356a1bd3e641f7d952"}, {"url": "https://git.kernel.org/stable/c/860ad591056d7e4dc30bc130b6ec6e6d70930c85"}, {"url": "https://git.kernel.org/stable/c/e6cebcc27519dcf1652e604c73b9fd4f416987c0"}], "title": "bus: mhi: ep: Only send -ENOTCONN status if client driver is available", "x_generator": {"engine": "bippy-1.2.0"}}}}