CVE-2023-54186

usb: typec: altmodes/displayport: fix pin_assignment_show

Severity Score

"-"

*CVSS v-

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmodes/displayport: fix pin_assignment_show This patch fixes negative indexing of buf array in pin_assignment_show
when get_current_pin_assignments returns 0 i.e. no compatible pin
assignments are found. BUG: KASAN: use-after-free in pin_assignment_show+0x26c/0x33c
...
Call trace:
dump_backtrace+0x110/0x204
dump_stack_lvl+0x84/0xbc
print_report+0x358/0x974
kasan_report+0x9c/0xfc
__do_kernel_fault+0xd4/0x2d4
do_bad_area+0x48/0x168
do_tag_check_fault+0x24/0x38
do_mem_abort+0x6c/0x14c
el1_abort+0x44/0x68
el1h_64_sync_handler+0x64/0xa4
el1h_64_sync+0x78/0x7c
pin_assignment_show+0x26c/0x33c
dev_attr_show+0x50/0xc0

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues.

*Credits: N/A

CVSS Scores

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2025-12-30 CVE Reserved
2025-12-30 CVE Published
2025-12-31 CVE Updated
2026-03-08 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (8)

URL	Tag	Source
https://git.kernel.org/stable/c/0e3bb7d6894d9b6e67d6382bb03a46a1dc989588	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/0e61a7432fcd4bca06f05b7f1c7d7cb461880fe2	2023-05-30
https://git.kernel.org/stable/c/4f9c0a7c272626cb6716ffc7800e8c73260cdce6	2023-05-30
https://git.kernel.org/stable/c/ff466f77d0a56719979c4234abd412abd98eae8f	2023-05-30
https://git.kernel.org/stable/c/fc0e18f95c88435bd8a1ceb540243cd7fbcd9781	2023-05-24
https://git.kernel.org/stable/c/08bd1be1c716fd50a7df48f82dcbc59a103082b5	2023-05-24
https://git.kernel.org/stable/c/54ee23e4ab263a495ace1eed43d3883212ece17f	2023-05-24
https://git.kernel.org/stable/c/d8f28269dd4bf9b55c3fb376ae31512730a96fce	2023-05-13

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.19 < 4.19.284 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.19 < 4.19.284"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.19 < 5.4.244 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.19 < 5.4.244"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.19 < 5.10.181 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.19 < 5.10.181"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.19 < 5.15.113 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.19 < 5.15.113"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.19 < 6.1.30 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.19 < 6.1.30"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.19 < 6.3.4 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.19 < 6.3.4"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.19 < 6.4 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.19 < 6.4"		en		Affected