U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. Vulnerabilities

CVE-2023-54044 Detail

Description

In the Linux kernel, the following vulnerability has been resolved: spmi: Add a check for remove callback when removing a SPMI driver When removing a SPMI driver, there can be a crash due to NULL pointer dereference if it does not have a remove callback defined. This is one such call trace observed when removing the QCOM SPMI PMIC driver: dump_backtrace.cfi_jt+0x0/0x8 dump_stack_lvl+0xd8/0x16c panic+0x188/0x498 __cfi_slowpath+0x0/0x214 __cfi_slowpath+0x1dc/0x214 spmi_drv_remove+0x16c/0x1e0 device_release_driver_internal+0x468/0x79c driver_detach+0x11c/0x1a0 bus_remove_driver+0xc4/0x124 driver_unregister+0x58/0x84 cleanup_module+0x1c/0xc24 [qcom_spmi_pmic] __do_sys_delete_module+0x3ec/0x53c __arm64_sys_delete_module+0x18/0x28 el0_svc_common+0xdc/0x294 el0_svc+0x38/0x9c el0_sync_handler+0x8c/0xf0 el0_sync+0x1b4/0x1c0 If a driver has all its resources allocated through devm_() APIs and does not need any other explicit cleanup, it would not require a remove callback to be defined. Hence, add a check for remove callback presence before calling it when removing a SPMI driver.


Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.
CVSS 4.0 Severity and Vector Strings:

NIST CVSS score
NIST: NVD
N/A
NVD assessment not yet provided.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

URL Source(s) Tag(s)
https://git.kernel.org/stable/c/0f3ef30c1c05502f5de3b73b3715d5994845c1b4 kernel.org
https://git.kernel.org/stable/c/428cc252701d6864151f3a296ffc23e1e49a7408 kernel.org
https://git.kernel.org/stable/c/54dda732225555dc6d660e95793c54a0a44b612c kernel.org
https://git.kernel.org/stable/c/699949219e35fe29fd42ccf8cd92c989c3d15109 kernel.org
https://git.kernel.org/stable/c/af763c29b9e7040fedd0077bca053b101438a3a4 kernel.org
https://git.kernel.org/stable/c/b56eef3e16d888883fefab47425036de80dd38fc kernel.org
https://git.kernel.org/stable/c/b95a69214daea4aab1c8bad96571d988a62e2c97 kernel.org
https://git.kernel.org/stable/c/c45ab3ab9c371c9ac22bbe1217e5abb2e55a3d4b kernel.org
https://git.kernel.org/stable/c/ee0b6146317a98bfec848d7bde5586beb245a38f kernel.org

Weakness Enumeration

CWE-ID CWE Name Source

Change History

1 change records found show changes

Quick Info

CVE Dictionary Entry:
CVE-2023-54044
NVD Published Date:
12/24/2025
NVD Last Modified:
12/24/2025
Source:
kernel.org