Home

Description

In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: fsl_upm: Fix an off-by one test in fun_exec_op() 'op-cs' is copied in 'fun->mchip_number' which is used to access the 'mchip_offsets' and the 'rnb_gpio' arrays. These arrays have NAND_MAX_CHIPS elements, so the index must be below this limit. Fix the sanity check in order to avoid the NAND_MAX_CHIPS value. This would lead to out-of-bound accesses.

PUBLISHED Reserved 2025-12-24 | Published 2025-12-24 | Updated 2025-12-24 | Assigner Linux

Product status

Default status
unaffected

54309d65776755bcdb9dcf3744cd764fc1e254ea (git) before 1f09d67d390647f83f8f9d26382b0daa43756e6f
affected

54309d65776755bcdb9dcf3744cd764fc1e254ea (git) before eb7a5e4d14c8659cb97db6863316280e15f67209
affected

54309d65776755bcdb9dcf3744cd764fc1e254ea (git) before f4b700c71802c81e6f9dce362ee7a0312c8377ba
affected

54309d65776755bcdb9dcf3744cd764fc1e254ea (git) before 49e57caf967a969f6b955c88805f2d160910aa12
affected

54309d65776755bcdb9dcf3744cd764fc1e254ea (git) before c6abce60338aa2080973cd95be0aedad528bb41f
affected

Default status
affected

5.9
affected

Any version before 5.9
unaffected

5.10.190 (semver)
unaffected

5.15.126 (semver)
unaffected

6.1.45 (semver)
unaffected

6.4.10 (semver)
unaffected

6.5 (original_commit_for_fix)
unaffected

References

git.kernel.org/...c/1f09d67d390647f83f8f9d26382b0daa43756e6f

git.kernel.org/...c/eb7a5e4d14c8659cb97db6863316280e15f67209

git.kernel.org/...c/f4b700c71802c81e6f9dce362ee7a0312c8377ba

git.kernel.org/...c/49e57caf967a969f6b955c88805f2d160910aa12

git.kernel.org/...c/c6abce60338aa2080973cd95be0aedad528bb41f

cve.org (CVE-2023-54104)

nvd.nist.gov (CVE-2023-54104)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.