CVE-2023-54034 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: iommufd: Make sure to zero vfio_iommu_type1_info before copying to user Missed a zero initialization here. Most of the struct is filled with a copy_from_user(), however minsz for that copy is smaller than the actual struct by 8 bytes, thus we don't fill the padding.

PUBLISHED Reserved 2025-12-24 | Published 2025-12-24 | Updated 2025-12-24 | Assigner Linux

Product status

Default status

unaffected

d624d6652a65ad4f47a58b8651a1ec1163bb81d3 (git) before 7adcec686e4d699c169d34c722132b2bce5232cb

affected

d624d6652a65ad4f47a58b8651a1ec1163bb81d3 (git) before b3551ead616318ea155558cdbe7e91495b8d9b33

affected

Default status

affected

6.2

affected

Any version before 6.2

unaffected

6.2.3 (semver)

unaffected

6.3 (original_commit_for_fix)

unaffected

References

git.kernel.org/...c/7adcec686e4d699c169d34c722132b2bce5232cb

git.kernel.org/...c/b3551ead616318ea155558cdbe7e91495b8d9b33

cve.org (CVE-2023-54034)

nvd.nist.gov (CVE-2023-54034)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.

help @ threatint.eu