CVE-2023-54139 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: tracing/user_events: Ensure write index cannot be negative The write index indicates which event the data is for and accesses a per-file array. The index is passed by user processes during write() calls as the first 4 bytes. Ensure that it cannot be negative by returning -EINVAL to prevent out of bounds accesses. Update ftrace self-test to ensure this occurs properly.

PUBLISHED Reserved 2025-12-24 | Published 2025-12-24 | Updated 2025-12-24 | Assigner Linux

Product status

Default status

unaffected

7f5a08c79df35e68f1a43033450c5050f12bc155 (git) before 0489c2b2c3104b89f078dbcec8c744dfc157d3e9

affected

7f5a08c79df35e68f1a43033450c5050f12bc155 (git) before 4fe46b5adf18e3dc606e62c9e6a0413398a17572

affected

7f5a08c79df35e68f1a43033450c5050f12bc155 (git) before fa7f2f5d1739452280c22727c4384a52b72ab5de

affected

7f5a08c79df35e68f1a43033450c5050f12bc155 (git) before cd98c93286a30cc4588dfd02453bec63c2f4acf4

affected

Default status

affected

5.18

affected

Any version before 5.18

unaffected

6.1.28 (semver)

unaffected

6.2.15 (semver)

unaffected

6.3.2 (semver)

unaffected

6.4 (original_commit_for_fix)

unaffected

References

git.kernel.org/...c/0489c2b2c3104b89f078dbcec8c744dfc157d3e9

git.kernel.org/...c/4fe46b5adf18e3dc606e62c9e6a0413398a17572

git.kernel.org/...c/fa7f2f5d1739452280c22727c4384a52b72ab5de

git.kernel.org/...c/cd98c93286a30cc4588dfd02453bec63c2f4acf4

cve.org (CVE-2023-54139)

nvd.nist.gov (CVE-2023-54139)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.

help @ threatint.eu