{"id":"CVE-2023-54174","summary":"vfio: Fix NULL pointer dereference caused by uninitialized group-\u003eiommufd","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nvfio: Fix NULL pointer dereference caused by uninitialized group-\u003eiommufd\n\ngroup-\u003eiommufd is not initialized for the iommufd_ctx_put()\n\n[20018.331541] BUG: kernel NULL pointer dereference, address: 0000000000000000\n[20018.377508] RIP: 0010:iommufd_ctx_put+0x5/0x10 [iommufd]\n...\n[20018.476483] Call Trace:\n[20018.479214]  \u003cTASK\u003e\n[20018.481555]  vfio_group_fops_unl_ioctl+0x506/0x690 [vfio]\n[20018.487586]  __x64_sys_ioctl+0x6a/0xb0\n[20018.491773]  ? trace_hardirqs_on+0xc5/0xe0\n[20018.496347]  do_syscall_64+0x67/0x90\n[20018.500340]  entry_SYSCALL_64_after_hwframe+0x4b/0xb5","modified":"2026-04-02T09:45:40.012202Z","published":"2025-12-30T12:08:47.527Z","database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/54xxx/CVE-2023-54174.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/8f24eef598ce7cce0bbefe0ec642bcc031d0f528"},{"type":"WEB","url":"https://git.kernel.org/stable/c/d649c34cb916b015fdcb487e51409fcc5caeca8d"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/54xxx/CVE-2023-54174.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-54174"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"9eefba8002c27d65ab52a533fd0611b099b73591"},{"fixed":"8f24eef598ce7cce0bbefe0ec642bcc031d0f528"},{"fixed":"d649c34cb916b015fdcb487e51409fcc5caeca8d"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-54174.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.2.3"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-54174.json"}}],"schema_version":"1.7.5"}