{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2023-54100","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-12-24T13:02:52.517Z","datePublished":"2025-12-24T13:06:26.560Z","dateUpdated":"2026-05-11T19:55:29.658Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T19:55:29.658Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qedi: Fix use after free bug in qedi_remove()\n\nIn qedi_probe() we call __qedi_probe() which initializes\n&qedi->recovery_work with qedi_recovery_handler() and\n&qedi->board_disable_work with qedi_board_disable_work().\n\nWhen qedi_schedule_recovery_handler() is called, schedule_delayed_work()\nwill finally start the work.\n\nIn qedi_remove(), which is called to remove the driver, the following\nsequence may be observed:\n\nFix this by finishing the work before cleanup in qedi_remove().\n\nCPU0                  CPU1\n\n                     |qedi_recovery_handler\nqedi_remove          |\n  __qedi_remove      |\niscsi_host_free      |\nscsi_host_put        |\n//free shost         |\n                     |iscsi_host_for_each_session\n                     |//use qedi->shost\n\nCancel recovery_work and board_disable_work in __qedi_remove()."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/scsi/qedi/qedi_main.c"],"versions":[{"version":"4b1068f5d74b6cc92319bd7eba40809b1222e73f","lessThan":"fa19c533ab19161298f0780bcc6523af88f6fd20","status":"affected","versionType":"git"},{"version":"4b1068f5d74b6cc92319bd7eba40809b1222e73f","lessThan":"5e756a59cee6a8a79b9059c5bdf0ecbf5bb8d151","status":"affected","versionType":"git"},{"version":"4b1068f5d74b6cc92319bd7eba40809b1222e73f","lessThan":"3738a230831e861503119ee2691c4a7dc56ed60a","status":"affected","versionType":"git"},{"version":"4b1068f5d74b6cc92319bd7eba40809b1222e73f","lessThan":"89f6023fc321c958a0fb11f143a6eb4544ae3940","status":"affected","versionType":"git"},{"version":"4b1068f5d74b6cc92319bd7eba40809b1222e73f","lessThan":"124027cd1a624ce0347adcd59241a9966a726b22","status":"affected","versionType":"git"},{"version":"4b1068f5d74b6cc92319bd7eba40809b1222e73f","lessThan":"c5749639f2d0a1f6cbe187d05f70c2e7c544d748","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/scsi/qedi/qedi_main.c"],"versions":[{"version":"5.7","status":"affected"},{"version":"0","lessThan":"5.7","status":"unaffected","versionType":"semver"},{"version":"5.10.180","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.112","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.29","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.2.16","lessThanOrEqual":"6.2.*","status":"unaffected","versionType":"semver"},{"version":"6.3.3","lessThanOrEqual":"6.3.*","status":"unaffected","versionType":"semver"},{"version":"6.4","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.7","versionEndExcluding":"5.10.180"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.7","versionEndExcluding":"5.15.112"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.7","versionEndExcluding":"6.1.29"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.7","versionEndExcluding":"6.2.16"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.7","versionEndExcluding":"6.3.3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.7","versionEndExcluding":"6.4"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/fa19c533ab19161298f0780bcc6523af88f6fd20"},{"url":"https://git.kernel.org/stable/c/5e756a59cee6a8a79b9059c5bdf0ecbf5bb8d151"},{"url":"https://git.kernel.org/stable/c/3738a230831e861503119ee2691c4a7dc56ed60a"},{"url":"https://git.kernel.org/stable/c/89f6023fc321c958a0fb11f143a6eb4544ae3940"},{"url":"https://git.kernel.org/stable/c/124027cd1a624ce0347adcd59241a9966a726b22"},{"url":"https://git.kernel.org/stable/c/c5749639f2d0a1f6cbe187d05f70c2e7c544d748"}],"title":"scsi: qedi: Fix use after free bug in qedi_remove()","x_generator":{"engine":"bippy-1.2.0"}}}}