{"id":"CVE-2023-54308","summary":"ALSA: ymfpci: Create card with device-managed snd_devm_card_new()","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: ymfpci: Create card with device-managed snd_devm_card_new()\n\nsnd_card_ymfpci_remove() was removed in commit c6e6bb5eab74 (\"ALSA:\nymfpci: Allocate resources with device-managed APIs\"), but the call to\nsnd_card_new() was not replaced with snd_devm_card_new().\n\nSince there was no longer a call to snd_card_free, unloading the module\nwould eventually result in Oops:\n\n[697561.532887] BUG: unable to handle page fault for address: ffffffffc0924480\n[697561.532893] #PF: supervisor read access in kernel mode\n[697561.532896] #PF: error_code(0x0000) - not-present page\n[697561.532899] PGD ae1e15067 P4D ae1e15067 PUD ae1e17067 PMD 11a8f5067 PTE 0\n[697561.532905] Oops: 0000 [#1] PREEMPT SMP NOPTI\n[697561.532909] CPU: 21 PID: 5080 Comm: wireplumber Tainted: G        W  OE      6.2.7 #1\n[697561.532914] Hardware name: System manufacturer System Product Name/TUF GAMING X570-PLUS, BIOS 4408 10/28/2022\n[697561.532916] RIP: 0010:try_module_get.part.0+0x1a/0xe0\n[697561.532924] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 44 00 00 55 48 89 e5 41 55 41 54 49 89 fc bf 01 00 00 00 e8 56 3c f8 ff \u003c41\u003e 83 3c 24 02 0f 84 96 00 00 00 41 8b 84 24 30 03 00 00 85 c0 0f\n[697561.532927] RSP: 0018:ffffbe9b858c3bd8 EFLAGS: 00010246\n[697561.532930] RAX: ffff9815d14f1900 RBX: ffff9815c14e6000 RCX: 0000000000000000\n[697561.532933] RDX: 0000000000000000 RSI: ffffffffc055092c RDI: ffffffffb3778c1a\n[697561.532935] RBP: ffffbe9b858c3be8 R08: 0000000000000040 R09: ffff981a1a741380\n[697561.532937] R10: ffffbe9b858c3c80 R11: 00000009d56533a6 R12: ffffffffc0924480\n[697561.532939] R13: ffff9823439d8500 R14: 0000000000000025 R15: ffff9815cd109f80\n[697561.532942] FS:  00007f13084f1f80(0000) GS:ffff9824aef40000(0000) knlGS:0000000000000000\n[697561.532945] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[697561.532947] CR2: ffffffffc0924480 CR3: 0000000145344000 CR4: 0000000000350ee0\n[697561.532949] Call Trace:\n[697561.532951]  \u003cTASK\u003e\n[697561.532955]  try_module_get+0x13/0x30\n[697561.532960]  snd_ctl_open+0x61/0x1c0 [snd]\n[697561.532976]  snd_open+0xb4/0x1e0 [snd]\n[697561.532989]  chrdev_open+0xc7/0x240\n[697561.532995]  ? fsnotify_perm.part.0+0x6e/0x160\n[697561.533000]  ? __pfx_chrdev_open+0x10/0x10\n[697561.533005]  do_dentry_open+0x169/0x440\n[697561.533009]  vfs_open+0x2d/0x40\n[697561.533012]  path_openat+0xa9d/0x10d0\n[697561.533017]  ? debug_smp_processor_id+0x17/0x20\n[697561.533022]  ? trigger_load_balance+0x65/0x370\n[697561.533026]  do_filp_open+0xb2/0x160\n[697561.533032]  ? _raw_spin_unlock+0x19/0x40\n[697561.533036]  ? alloc_fd+0xa9/0x190\n[697561.533040]  do_sys_openat2+0x9f/0x160\n[697561.533044]  __x64_sys_openat+0x55/0x90\n[697561.533048]  do_syscall_64+0x3b/0x90\n[697561.533052]  entry_SYSCALL_64_after_hwframe+0x72/0xdc\n[697561.533056] RIP: 0033:0x7f1308a40db4\n[697561.533059] Code: 24 20 eb 8f 66 90 44 89 54 24 0c e8 46 68 f8 ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 32 44 89 c7 89 44 24 0c e8 78 68 f8 ff 8b 44\n[697561.533062] RSP: 002b:00007ffcce664450 EFLAGS: 00000293 ORIG_RAX: 0000000000000101\n[697561.533066] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f1308a40db4\n[697561.533068] RDX: 0000000000080000 RSI: 00007ffcce664690 RDI: 00000000ffffff9c\n[697561.533070] RBP: 00007ffcce664690 R08: 0000000000000000 R09: 0000000000000012\n[697561.533072] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000080000\n[697561.533074] R13: 00007f13054b069b R14: 0000565209f83200 R15: 0000000000000000\n[697561.533078]  \u003c/TASK\u003e","modified":"2026-03-20T12:33:32.621469Z","published":"2025-12-30T12:23:41.163Z","database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/54xxx/CVE-2023-54308.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/255a81a89501df77379b51a81c7a2e8e7c359bc6"},{"type":"WEB","url":"https://git.kernel.org/stable/c/95642872c466030240199ba796a40771c493ed0c"},{"type":"WEB","url":"https://git.kernel.org/stable/c/db7d7782677ff998c06997903d5400a0ba91cebb"},{"type":"WEB","url":"https://git.kernel.org/stable/c/f33fc1576757741479452255132d6e3aaf558ffe"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/54xxx/CVE-2023-54308.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-54308"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"c6e6bb5eab7457a938c0405d5ccf319d3ee735c1"},{"fixed":"95642872c466030240199ba796a40771c493ed0c"},{"fixed":"db7d7782677ff998c06997903d5400a0ba91cebb"},{"fixed":"255a81a89501df77379b51a81c7a2e8e7c359bc6"},{"fixed":"f33fc1576757741479452255132d6e3aaf558ffe"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-54308.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"5.15.0"},{"fixed":"5.15.106"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"6.1.23"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.2.10"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-54308.json"}}],"schema_version":"1.7.5"}