CVE-2023-54135Out-of-bounds Write in Linux

CWE-787Out-of-bounds Write7 documents6 sources
Severity
5.5MEDIUM
No vector
EPSS
0.0%
top 92.73%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 24

Description

In the Linux kernel, the following vulnerability has been resolved: maple_tree: fix potential out-of-bounds access in mas_wr_end_piv() Check the write offset end bounds before using it as the offset into the pivot array. This avoids a possible out-of-bounds access on the pivot array if the write extends to the last slot in the node, in which case the node maximum should be used as the end pivot. akpm: this doesn't affect any current callers, but new users of mapletree may encounter this probl

Affected Packages4 packages

Linuxlinux/linux_kernel6.1.06.1.37+2
Debianlinux/linux_kernel< 6.1.37-1+2
CVEListV5linux/linux54a611b605901c7d5d05b6b8f5d04a6ceb0962aa4e2ad53ababeaac44d71162650984abfe783960c+4
debiandebian/linux< linux 6.1.37-1 (bookworm)

🔴Vulnerability Details

3
GHSA
GHSA-6745-68h7-96pp: In the Linux kernel, the following vulnerability has been resolved: maple_tree: fix potential out-of-bounds access in mas_wr_end_piv() Check the wri2025-12-24
OSV
CVE-2023-54135: In the Linux kernel, the following vulnerability has been resolved: maple_tree: fix potential out-of-bounds access in mas_wr_end_piv() Check the write2025-12-24
OSV
maple_tree: fix potential out-of-bounds access in mas_wr_end_piv()2025-12-24

📋Vendor Advisories

2
Red Hat
kernel: maple_tree: fix potential out-of-bounds access in mas_wr_end_piv()2025-12-24
Debian
CVE-2023-54135: linux - In the Linux kernel, the following vulnerability has been resolved: maple_tree:...2023

🕵️Threat Intelligence

1
Wiz
CVE-2023-54135 Impact, Exploitability, and Mitigation Steps | Wiz