CVE-2023-54282 — Incorrect Calculation of Buffer Size in Linux

CWE-131 — Incorrect Calculation of Buffer Size7 documents6 sources

Severity

3.3LOW

No vector

EPSS

0.0%

top 86.35%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedDec 30

Description

In the Linux kernel, the following vulnerability has been resolved: media: tuners: qt1010: replace BUG_ON with a regular error BUG_ON is unnecessary here, and in addition it confuses smatch. Replacing this with an error return help resolve this smatch warning: drivers/media/tuners/qt1010.c:350 qt1010_init() error: buffer overflow 'i2c_data' 34 <= 34

Affected Packages4 packages

▶Linuxlinux/linux_kernel4.2.0 — 4.14.326+6

▶Debianlinux/linux_kernel< 5.10.197-1+3

▶CVEListV5linux/linux4682b58e5af01ee856a706083eac71238fb69cd0 — 6cae780862d221106626b2b5fb21a197f398c6ec+8

▶debiandebian/linux< linux 6.1.55-1 (bookworm)

🔴Vulnerability Details

OSV

CVE-2023-54282: In the Linux kernel, the following vulnerability has been resolved: media: tuners: qt1010: replace BUG_ON with a regular error BUG_ON is unnecessary h↗2025-12-30

▶

OSV

media: tuners: qt1010: replace BUG_ON with a regular error↗2025-12-30

▶

GHSA

GHSA-6cxv-3w9c-fphw: In the Linux kernel, the following vulnerability has been resolved: media: tuners: qt1010: replace BUG_ON with a regular error BUG_ON is unnecessary↗2025-12-30

▶

📋Vendor Advisories

Red Hat

kernel: media: tuners: qt1010: replace BUG_ON with a regular error↗2025-12-30

▶

Debian

CVE-2023-54282: linux - In the Linux kernel, the following vulnerability has been resolved: media: tune...↗2023

▶

🕵️Threat Intelligence

Wiz

CVE-2023-54282 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶