What is CVE-2023-54235?

CVE-2023-54235 is a unscored severity Linux kernel vulnerability, affecting Linux kernel versions from 6.1.24 onward and patched in 6.1.53, 6.4.16, 6.5.3 and others. CVE-2023-54235 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

What is the CVSS score for CVE-2023-54235?

CVE-2023-54235 has a CVSS score of pending NVD analysis out of 10, rated awaiting scoring severity.

Is there a patch available for CVE-2023-54235?

Yes, CVE-2023-54235 has been patched. Fixed versions include 6.1.53, 6.4.16, 6.5.3 and others. If you are running Linux kernel 6.1.24 or later up to the fix versions, apply the relevant patch for your kernel branch.

Is CVE-2023-54235 actively exploited?

CVE-2023-54235 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

CVE-2023-54235

In the Linux kernel, the following vulnerability has been resolved: PCI/DOE: Fix destroy_work_on_stack() race The following debug object splat was observed in testing: ODEBUG: free active (active state 0) object: 0000000097d23782 object type: work_struct hint: doe_statemachine_work+0x0/0x510 WARNING: CPU: 1 PID: 71 at lib/debugobjects.c:514 debug_print_object+0x7d/0xb0 ... Workqueue: pci 0000:36:00.0 DOE [1 doe_statemachine_work RIP: 0010:debug_print_object+0x7d/0xb0 ... Call Trace: ? debug_print_object+0x7d/0xb0 ? __pfx_doe_statemachine_work+0x10/0x10 debug_object_free.part.0+0x11b/0x150 doe_statemachine_work+0x45e/0x510 process_one_work+0x1d4/0x3c0 This occurs because destroy_work_on_stack() was called after signaling the completion in the calling thread. This creates a race between destroy_work_on_stack() and the task->work struct going out of scope in pci_doe(). Signal the work complete after destroying the work struct. This is safe because signal_task_complete() is the final thing the work item does and the workqueue code is careful not to access the work struct after.

Package Linux Kernel

Published 2025-12-30

Last modified 2026-04-15

Patch available

Yes

Affected versions

Linux kernel versions 6.1.24, 6.2.11, 6.3 and later are affected. Fixed in 6.1.53, 6.4.16, 6.5.3, 6.6 and their respective stable series.

Affected from

≥ 6.1.24 ≥ 6.2.11 ≥ 6.3

Fixed in

✓ 6.1.53 6.1.x ✓ 6.4.16 6.4.x ✓ 6.5.3 6.5.x ✓ 6.6

References

The following references provide additional information about CVE-2023-54235 including vendor advisories, patch commits, exploit details, and third-party analysis. Links are sourced from the NIST NVD database.

Kernel patch commit
https://git.kernel.org/stable/c/19cf3ba16dcc2ef059dcf010072d4f96d76486e0
Patch
Kernel patch commit
https://git.kernel.org/stable/c/c4f9c0a3a6df143f2e1092823b7fa9e07d6ab57f
Patch
Kernel patch commit
https://git.kernel.org/stable/c/d96799ee3b78962c80e4b6653734f488f999ca09
Patch

4 patch commits total View all on NVD

Frequently asked questions

What is CVE-2023-54235?

CVE-2023-54235 is a unscored severity Linux kernel vulnerability . It affects Linux kernel versions from 6.1.24 onward and has been patched in 6.1.53, 6.4.16, 6.5.3 and others. CVE-2023-54235 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.
Is there a patch available for CVE-2023-54235?

Yes — CVE-2023-54235 has been patched. Fixed versions include 6.1.53, 6.4.16, 6.5.3 and others. If you are running Linux kernel 6.1.24 or later up to the fix versions, apply the relevant patch for your kernel branch.
Is CVE-2023-54235 actively exploited?

No — CVE-2023-54235 has not been confirmed as actively exploited. It is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.