CVE-2023-54083
Published Dec 24, 2025
Modified Apr 15, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: phy: tegra: xusb: Clear the driver reference in usb-phy dev For the dual-role port, it will assign the phy dev to usb-phy dev and use the port dev driver as the dev driver of usb-phy. When we try to destroy the port dev, it will destroy its dev driver as well. But we did not remove the reference from usb-phy dev. This might cause the use-after-free issue in KASAN.
Is your site exposed to CVE-2023-54083?
Run a free security scan — no signup, results in seconds.
References
Other References
https://git.kernel.org/stable/c/238edc04ddb9d272b38f5419bcd419ad3b92b91b
https://git.kernel.org/stable/c/82187460347ad58fd6b06d2883da73c3f2df9631
https://git.kernel.org/stable/c/b6a107c52073496d2e5d2837915f59fb3103832f
https://git.kernel.org/stable/c/b84998a407a882991916b1a61d987c400d8a0ce6
https://git.kernel.org/stable/c/c0c2fcb1325d0d4f3b322b5ee49385f8eca2560d
Frequently Asked Questions
What is CVE-2023-54083? +
In the Linux kernel, the following vulnerability has been resolved:
phy: tegra: xusb: Clear the driver reference in usb-phy dev
For the dual-role port, it will assign the phy dev to usb-phy dev and
use the port dev driver as the dev driver of usb-phy.
When we try to destroy the port dev, it will destroy its dev driver
as well. But we did not remove the reference from usb-phy dev. This
might cause the use-after-free issue in KASAN.
How do I check if I'm vulnerable to CVE-2023-54083? +
You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.