In the Linux kernel, the following vulnerability has been resolved:

firmware: meson_sm: fix to avoid potential NULL pointer dereference

of_match_device() may fail and returns a NULL pointer.

Fix this by checking the return value of of_match_device.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00035.

Key SSVC decision points have not yet been added.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions
Linux Linux unaffected
Version Status Constraints
525ae72d9f0b5cf027f1c78c84e41c90e86df026 affected < fba9c24c196310546f13c77ff66d0741155fa771
8cde3c2153e8f57be884c0e73f18bc4de150e870 affected < 9f4017cac70c04090dd4f672e755d6c875af67d8
8cde3c2153e8f57be884c0e73f18bc4de150e870 affected < 502dfc5875bab9ae5d6a2939146c2c5e5683be40
8cde3c2153e8f57be884c0e73f18bc4de150e870 affected < bd3a6b6d5dd863dbbe17985c7612159cf4533cad
8cde3c2153e8f57be884c0e73f18bc4de150e870 affected < 68f3209546b5083f8bffa46f7173cc05191eace1
8cde3c2153e8f57be884c0e73f18bc4de150e870 affected < 2d6c4a1a4e6678cb98dd57964f133a995ecc91c1
8cde3c2153e8f57be884c0e73f18bc4de150e870 affected < f2ed165619c16577c02b703a114a1f6b52026df4
Linux Linux affected
Version Status Constraints
5.5 affected
0 unaffected < 5.5
5.10.195 unaffected ≤ 5.10.*
5.15.132 unaffected ≤ 5.15.*
6.1.53 unaffected ≤ 6.1.*
6.4.16 unaffected ≤ 6.4.*
6.5.3 unaffected ≤ 6.5.*
6.6 unaffected ≤ *

No data.

No data.

No data.

Project Subscriptions

Vendors Products
Linux Subscribe
Linux Kernel Subscribe
Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
https://git.kernel.org/stable/c/2d6c4a1a4e6678cb98dd57964f133a995ecc91c1 cve-icon cve-icon
https://git.kernel.org/stable/c/502dfc5875bab9ae5d6a2939146c2c5e5683be40 cve-icon cve-icon
https://git.kernel.org/stable/c/68f3209546b5083f8bffa46f7173cc05191eace1 cve-icon cve-icon
https://git.kernel.org/stable/c/9f4017cac70c04090dd4f672e755d6c875af67d8 cve-icon cve-icon
https://git.kernel.org/stable/c/bd3a6b6d5dd863dbbe17985c7612159cf4533cad cve-icon cve-icon
https://git.kernel.org/stable/c/f2ed165619c16577c02b703a114a1f6b52026df4 cve-icon cve-icon
https://git.kernel.org/stable/c/fba9c24c196310546f13c77ff66d0741155fa771 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025123033-CVE-2023-54304-fefc@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2023-54304 cve-icon
https://www.cve.org/CVERecord?id=CVE-2023-54304 cve-icon
History

Wed, 31 Dec 2025 12:15:00 +0000

Type Values Removed Values Added
References

Tue, 30 Dec 2025 12:45:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: firmware: meson_sm: fix to avoid potential NULL pointer dereference of_match_device() may fail and returns a NULL pointer. Fix this by checking the return value of of_match_device.
Title firmware: meson_sm: fix to avoid potential NULL pointer dereference
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2025-12-30T12:23:38.495Z

Reserved: 2025-12-30T12:06:44.529Z

Link: CVE-2023-54304

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Awaiting Analysis

Published: 2025-12-30T13:16:19.543

Modified: 2025-12-31T20:42:43.210

Link: CVE-2023-54304

cve-icon Redhat

Severity :

Publid Date: 2025-12-30T00:00:00Z

Links: CVE-2023-54304 - Bugzilla

cve-icon OpenCVE Enrichment

No data.

Weaknesses

No weakness.