CVE-2023-54046
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
24/12/2025
Last modified:
24/12/2025
Description
In the Linux kernel, the following vulnerability has been resolved:

crypto: essiv - Handle EBUSY correctly

As it is, essiv only handles the special return value of EINPROGRESS, which means that in all other cases it will free data related to the request.

However, as the caller of essiv may specify MAY_BACKLOG, we also need to expect EBUSY and treat it in the same way. Otherwise backlogged requests will trigger a use-after-free.
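
The failure mode described above, as a simplified user-space C model added here (not the kernel's essiv code; every struct and function name is hypothetical). It assumes a lower layer that returns -EINPROGRESS when it accepts a request, -EBUSY when it backlogs one for a MAY_BACKLOG caller, and -ENOSPC when it rejects one outright.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>

/* Simplified model; these names are hypothetical, not kernel API. */
struct model_req {
    bool may_backlog;   /* caller set the MAY_BACKLOG flag */
    bool assoc_live;    /* per-request data is still allocated */
    bool queued;        /* lower layer kept the request and completes it later */
};

/* Lower layer: accepts the request, backlogs it when the queue is full and
 * the caller allows it, or rejects it (assumed -ENOSPC in this model). */
static int lower_submit(struct model_req *r, bool queue_full)
{
    r->queued = true;
    if (!queue_full)
        return -EINPROGRESS;
    if (r->may_backlog)
        return -EBUSY;          /* backlogged: still owned by the lower layer */
    r->queued = false;          /* rejected: nothing will complete later */
    return -ENOSPC;
}

/* Wrapper cleanup after submit. fixed=false models the pre-fix check. */
static void wrapper_submit(struct model_req *r, bool queue_full, bool fixed)
{
    int err = lower_submit(r, queue_full);
    bool pending = (err == -EINPROGRESS) || (fixed && err == -EBUSY);
    if (!pending)
        r->assoc_live = false;  /* stands in for freeing the request data */
}

/* True when the later completion would touch data that was already freed. */
bool scenario_uaf(bool may_backlog, bool queue_full, bool fixed)
{
    struct model_req r = { may_backlog, true, false };
    wrapper_submit(&r, queue_full, fixed);
    return r.queued && !r.assoc_live;
}

int main(void)
{
    printf("pre-fix, backlogged: uaf=%d\n", scenario_uaf(true, true, false));
    printf("fixed,   backlogged: uaf=%d\n", scenario_uaf(true, true, true));
    return 0;
}
```
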
Impact
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/69c67d451fc19d88e54f7d97e8e7c093e08357e1
- https://git.kernel.org/stable/c/796e02cca30a67322161f0745e5ce994bbe75605
- https://git.kernel.org/stable/c/840a1d3b77c1b062bd62b4733969a5b1efc274ce
- https://git.kernel.org/stable/c/a006aa3eedb8bfd6fe317c3cfe9c86ffe76b2385
- https://git.kernel.org/stable/c/b5a772adf45a32c68bef28e60621f12617161556
- https://git.kernel.org/stable/c/c61e7d182ee3f3f5ecf18a2964e303d49c539b52



