CVE-2023-54104 — Linux vulnerability

7 documents6 sources

Severity

—N/A

No vector

EPSS

0.0%

top 92.57%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedDec 24

Description

In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: fsl_upm: Fix an off-by one test in fun_exec_op() 'op-cs' is copied in 'fun->mchip_number' which is used to access the 'mchip_offsets' and the 'rnb_gpio' arrays. These arrays have NAND_MAX_CHIPS elements, so the index must be below this limit. Fix the sanity check in order to avoid the NAND_MAX_CHIPS value. This would lead to out-of-bound accesses.

Affected Packages4 packages

▶Linuxlinux/linux_kernel5.9.0 — 5.10.190+3

▶Debianlinux/linux_kernel< 5.10.191-1+3

▶CVEListV5linux/linux54309d65776755bcdb9dcf3744cd764fc1e254ea — 1f09d67d390647f83f8f9d26382b0daa43756e6f+5

▶debiandebian/linux< linux 6.1.52-1 (bookworm)

🔴Vulnerability Details

GHSA

GHSA-39vf-5xqf-2xfv: In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: fsl_upm: Fix an off-by one test in fun_exec_op() 'op-cs' is copied↗2025-12-24

▶

OSV

CVE-2023-54104: In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: fsl_upm: Fix an off-by one test in fun_exec_op() 'op-cs' is copied i↗2025-12-24

▶

OSV

mtd: rawnand: fsl_upm: Fix an off-by one test in fun_exec_op()↗2025-12-24

▶

📋Vendor Advisories

Red Hat

kernel: mtd: rawnand: fsl_upm: Fix an off-by one test in fun_exec_op()↗2025-12-24

▶

Debian

CVE-2023-54104: linux - In the Linux kernel, the following vulnerability has been resolved: mtd: rawnan...↗2023

▶

🕵️Threat Intelligence

Wiz

CVE-2023-54104 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶