CVE-2023-54304 - Vulnerability Details

- firmware: meson_sm: fix to avoid potential NULL pointer dereference

Description

In the Linux kernel, the following vulnerability has been resolved:

firmware: meson_sm: fix to avoid potential NULL pointer dereference

of_match_device() may fail and returns a NULL pointer.

Fix this by checking the return value of of_match_device.

Published: 2025-12-30

Score: n/a

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Linux

unaffected

Version	Status	Constraints
`525ae72d9f0b5cf027f1c78c84e41c90e86df026`	affected	< fba9c24c196310546f13c77ff66d0741155fa771
`8cde3c2153e8f57be884c0e73f18bc4de150e870`	affected	< 9f4017cac70c04090dd4f672e755d6c875af67d8
`8cde3c2153e8f57be884c0e73f18bc4de150e870`	affected	< 502dfc5875bab9ae5d6a2939146c2c5e5683be40
`8cde3c2153e8f57be884c0e73f18bc4de150e870`	affected	< bd3a6b6d5dd863dbbe17985c7612159cf4533cad
`8cde3c2153e8f57be884c0e73f18bc4de150e870`	affected	< 68f3209546b5083f8bffa46f7173cc05191eace1
`8cde3c2153e8f57be884c0e73f18bc4de150e870`	affected	< 2d6c4a1a4e6678cb98dd57964f133a995ecc91c1
`8cde3c2153e8f57be884c0e73f18bc4de150e870`	affected	< f2ed165619c16577c02b703a114a1f6b52026df4

Linux

affected

Version	Status	Constraints
`5.5`	affected	—
`0`	unaffected	< 5.5
`5.10.195`	unaffected	≤ 5.10.*
`5.15.132`	unaffected	≤ 5.15.*
`6.1.53`	unaffected	≤ 6.1.*
`6.4.16`	unaffected	≤ 6.4.*
`6.5.3`	unaffected	≤ 6.5.*
`6.6`	unaffected	≤ *

No data.

No data available yet.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00047.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://git.kernel.org/stable/c/2d6c4a1a4e6678cb98dd57964f133a995ecc91c1
https://git.kernel.org/stable/c/502dfc5875bab9ae5d6a2939146c2c5e5683be40
https://git.kernel.org/stable/c/68f3209546b5083f8bffa46f7173cc05191eace1
https://git.kernel.org/stable/c/9f4017cac70c04090dd4f672e755d6c875af67d8
https://git.kernel.org/stable/c/bd3a6b6d5dd863dbbe17985c7612159cf4533cad
https://git.kernel.org/stable/c/f2ed165619c16577c02b703a114a1f6b52026df4
https://git.kernel.org/stable/c/fba9c24c196310546f13c77ff66d0741155fa771
https://lore.kernel.org/linux-cve-announce/2025123033-CVE-2023-54304-fefc@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2023-54304
https://www.cve.org/CVERecord?id=CVE-2023-54304

History

Wed, 31 Dec 2025 12:15:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2025123033-CVE-2023-54304-fefc@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2023-54304 https://www.cve.org/CVERecord?id=CVE-2023-54304

Tue, 30 Dec 2025 12:45:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: firmware: meson_sm: fix to avoid potential NULL pointer dereference of_match_device() may fail and returns a NULL pointer. Fix this by checking the return value of of_match_device.
Title		firmware: meson_sm: fix to avoid potential NULL pointer dereference
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/2d6c4a1a4e6678cb98dd57964f133a995ecc91c1 https://git.kernel.org/stable/c/502dfc5875bab9ae5d6a2939146c2c5e5683be40 https://git.kernel.org/stable/c/68f3209546b5083f8bffa46f7173cc05191eace1 https://git.kernel.org/stable/c/9f4017cac70c04090dd4f672e755d6c875af67d8 https://git.kernel.org/stable/c/bd3a6b6d5dd863dbbe17985c7612159cf4533cad https://git.kernel.org/stable/c/f2ed165619c16577c02b703a114a1f6b52026df4 https://git.kernel.org/stable/c/fba9c24c196310546f13c77ff66d0741155fa771

Subscriptions

Linux Linux Kernel

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-12-30T12:23:38.495Z

Updated: 2026-05-11T19:59:22.677Z

Reserved: 2025-12-30T12:06:44.529Z

Link: CVE-2023-54304

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2025-12-30T13:16:19.543

Modified: 2026-04-15T00:35:42.020

Link: CVE-2023-54304

Redhat

Severity :

Publid Date: 2025-12-30T00:00:00Z

Links: CVE-2023-54304 - Bugzilla

OpenCVE Enrichment

No data.

Weaknesses

No weakness.

Tracking

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object