-

CVE-2023-54102

EPSS 0.04%
Veröffentlicht 24.12.2025 13:06:27
Zuletzt bearbeitet 29.12.2025 15:58:34
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

scsi: lpfc: Prevent lpfc_debugfs_lockstat_write() buffer overflow

A static code analysis tool flagged the possibility of buffer overflow when
using copy_from_user() for a debugfs entry.

Currently, it is possible that copy_from_user() copies more bytes than what
would fit in the mybuf char array.  Add a min() restriction check between
sizeof(mybuf) - 1 and nbytes passed from the userspace buffer to protect
against buffer overflow.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 9

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 644a9d5e22761a41d5005a26996a643da96de962

Version 6a828b0f6192b4930894925d1c1d0dc1f1d99e6e

Status affected

Version < e0e7faee3a7dd6f51350cda64997116a247eb045

Version 6a828b0f6192b4930894925d1c1d0dc1f1d99e6e

Status affected

Version < f91037487036e2d2f18d3c2481be6b9a366bde7f

Version 6a828b0f6192b4930894925d1c1d0dc1f1d99e6e

Status affected

Version < a9df88cb31dcbd72104ec5883f35cbc1fb587e47

Version 6a828b0f6192b4930894925d1c1d0dc1f1d99e6e

Status affected

Version < ad050f6cf681ebb850a9d4bc19474d3896476301

Version 6a828b0f6192b4930894925d1c1d0dc1f1d99e6e

Status affected

Version < c6087b82a9146826564a55c5ca0164cac40348f5

Version 6a828b0f6192b4930894925d1c1d0dc1f1d99e6e

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 5.1

Status affected

Version < 5.1

Version 0

Status unaffected

Version <= 5.4.*

Version 5.4.244

Status unaffected

Version <= 5.10.*

Version 5.10.181

Status unaffected

Version <= 5.15.*

Version 5.15.113

Status unaffected

Version <= 6.1.*

Version 6.1.30

Status unaffected

Version <= 6.3.*

Version 6.3.4

Status unaffected

Version <= *

Version 6.4

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.132

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/644a9d5e22761a41d5005a26996a643da96de962

https://git.kernel.org/stable/c/e0e7faee3a7dd6f51350cda64997116a247eb045

https://git.kernel.org/stable/c/f91037487036e2d2f18d3c2481be6b9a366bde7f

https://git.kernel.org/stable/c/a9df88cb31dcbd72104ec5883f35cbc1fb587e47

https://git.kernel.org/stable/c/ad050f6cf681ebb850a9d4bc19474d3896476301

https://git.kernel.org/stable/c/c6087b82a9146826564a55c5ca0164cac40348f5

https://nvd.nist.gov/vuln/detail/CVE-2023-54102

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-54102

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-54102

EUVD