-

CVE-2023-54102

EPSS 0.06%
Veröffentlicht 24.12.2025 13:06:27
Zuletzt bearbeitet 15.04.2026 00:35:42
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

scsi: lpfc: Prevent lpfc_debugfs_lockstat_write() buffer overflow

In the Linux kernel, the following vulnerability has been resolved:

scsi: lpfc: Prevent lpfc_debugfs_lockstat_write() buffer overflow

A static code analysis tool flagged the possibility of buffer overflow when
using copy_from_user() for a debugfs entry.

Currently, it is possible that copy_from_user() copies more bytes than what
would fit in the mybuf char array.  Add a min() restriction check between
sizeof(mybuf) - 1 and nbytes passed from the userspace buffer to protect
against buffer overflow.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 9

CNA 2 VulnDex Vulnerability Enrichment 11

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version 6a828b0f6192b4930894925d1c1d0dc1f1d99e6e

Version < 644a9d5e22761a41d5005a26996a643da96de962

Status affected

Version 6a828b0f6192b4930894925d1c1d0dc1f1d99e6e

Version < e0e7faee3a7dd6f51350cda64997116a247eb045

Status affected

Version 6a828b0f6192b4930894925d1c1d0dc1f1d99e6e

Version < f91037487036e2d2f18d3c2481be6b9a366bde7f

Status affected

Version 6a828b0f6192b4930894925d1c1d0dc1f1d99e6e

Version < a9df88cb31dcbd72104ec5883f35cbc1fb587e47

Status affected

Version 6a828b0f6192b4930894925d1c1d0dc1f1d99e6e

Version < ad050f6cf681ebb850a9d4bc19474d3896476301

Status affected

Version 6a828b0f6192b4930894925d1c1d0dc1f1d99e6e

Version < c6087b82a9146826564a55c5ca0164cac40348f5

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 5.1

Status affected

Version 0

Version < 5.1

Status unaffected

Version <= 5.4.*

Version 5.4.244

Status unaffected

Version <= 5.10.*

Version 5.10.181

Status unaffected

Version <= 5.15.*

Version 5.15.113

Status unaffected

Version <= 6.1.*

Version 6.1.30

Status unaffected

Version <= 6.3.*

Version 6.3.4

Status unaffected

Version <= *

Version 6.4

Status unaffected

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.06%	0.18

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/644a9d5e22761a41d5005a26996a643da96de962

https://git.kernel.org/stable/c/e0e7faee3a7dd6f51350cda64997116a247eb045

https://git.kernel.org/stable/c/f91037487036e2d2f18d3c2481be6b9a366bde7f

https://git.kernel.org/stable/c/a9df88cb31dcbd72104ec5883f35cbc1fb587e47

https://git.kernel.org/stable/c/ad050f6cf681ebb850a9d4bc19474d3896476301

https://git.kernel.org/stable/c/c6087b82a9146826564a55c5ca0164cac40348f5

https://nvd.nist.gov/vuln/detail/CVE-2023-54102

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-54102

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-54102

EUVD