1. Home
  2. Vulnerabilities
  3. CVE-2023-54256
0.0
NA
CVE-2023-54256
usb: dwc3: don't reset device side if dwc3 was configured as host-only
Description

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

INFO

Published Date :

Dec. 30, 2025, 1:16 p.m.

Last Modified :

Dec. 30, 2025, 2:15 p.m.

Remotely Exploit :

No

Source :

416baaa9-dc9f-4396-8d5f-8c081fb06d67
Affected Products

The following products are affected by CVE-2023-54256 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

No affected product recoded yet

: Total Affected Vendor : 0 | Products : 0
Solution
Update the Linux kernel to resolve a host-only configuration issue.
  • Update the Linux kernel.
  • Apply the provided commit to the kernel.
  • Rebuild and install the kernel.

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2023-54256 vulnerability anywhere in the article.

Results are limited to the first 20 news articles due to potential performance issues.

The following table lists the changes that have been made to the CVE-2023-54256 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Rejected by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    Dec. 30, 2025

    Action Type Old Value New Value
  • CVE Modified by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    Dec. 30, 2025

    Action Type Old Value New Value
    Changed Description In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: don't reset device side if dwc3 was configured as host-only Commit c4a5153e87fd ("usb: dwc3: core: Power-off core/PHYs on system_suspend in host mode") replaces check for HOST only dr_mode with current_dr_role. But during booting, the current_dr_role isn't initialized, thus the device side reset is always issued even if dwc3 was configured as host-only. What's more, on some platforms with host only dwc3, aways issuing device side reset by accessing device register block can cause kernel panic. Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
    Removed Reference kernel.org: https://git.kernel.org/stable/c/317d6e4c12b46bde61248ea4ab5e19f68cbd1c57
    Removed Reference kernel.org: https://git.kernel.org/stable/c/6366b1178545e0a29f69845938153aa3c7aa603b
    Removed Reference kernel.org: https://git.kernel.org/stable/c/640cb5f5e4b41fe050519e108d7505a5fd2124c9
    Removed Reference kernel.org: https://git.kernel.org/stable/c/96c433aff5fd427fde29aba18dbec3df60e8c538
    Removed Reference kernel.org: https://git.kernel.org/stable/c/b4e909a46919a922da3e2f7983465370f40bdda4
    Removed Reference kernel.org: https://git.kernel.org/stable/c/c1fad1695befef3c3ae5f185ed0f8f394b9962ae
    Removed Reference kernel.org: https://git.kernel.org/stable/c/e835c0a4e23c38531dcee5ef77e8d1cf462658c7
  • New CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    Dec. 30, 2025

    Action Type Old Value New Value
    Added Description In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: don't reset device side if dwc3 was configured as host-only Commit c4a5153e87fd ("usb: dwc3: core: Power-off core/PHYs on system_suspend in host mode") replaces check for HOST only dr_mode with current_dr_role. But during booting, the current_dr_role isn't initialized, thus the device side reset is always issued even if dwc3 was configured as host-only. What's more, on some platforms with host only dwc3, aways issuing device side reset by accessing device register block can cause kernel panic.
    Added Reference https://git.kernel.org/stable/c/317d6e4c12b46bde61248ea4ab5e19f68cbd1c57
    Added Reference https://git.kernel.org/stable/c/6366b1178545e0a29f69845938153aa3c7aa603b
    Added Reference https://git.kernel.org/stable/c/640cb5f5e4b41fe050519e108d7505a5fd2124c9
    Added Reference https://git.kernel.org/stable/c/96c433aff5fd427fde29aba18dbec3df60e8c538
    Added Reference https://git.kernel.org/stable/c/b4e909a46919a922da3e2f7983465370f40bdda4
    Added Reference https://git.kernel.org/stable/c/c1fad1695befef3c3ae5f185ed0f8f394b9962ae
    Added Reference https://git.kernel.org/stable/c/e835c0a4e23c38531dcee5ef77e8d1cf462658c7
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
Vulnerability Scoring Details
No CVSS metrics available for this vulnerability.