Home

Description

In the Linux kernel, the following vulnerability has been resolved: bpf: drop unnecessary user-triggerable WARN_ONCE in verifierl log It's trivial for user to trigger "verifier log line truncated" warning, as verifier has a fixed-sized buffer of 1024 bytes (as of now), and there are at least two pieces of user-provided information that can be output through this buffer, and both can be arbitrarily sized by user: - BTF names; - BTF.ext source code lines strings. Verifier log buffer should be properly sized for typical verifier state output. But it's sort-of expected that this buffer won't be long enough in some circumstances. So let's drop the check. In any case code will work correctly, at worst truncating a part of a single line output.

PUBLISHED Reserved 2025-12-24 | Published 2025-12-24 | Updated 2025-12-24 | Assigner Linux

Product status

Default status
unaffected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (git) before 40c88c429a598006f91ad7a2b89856cd50b3a008
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (git) before 926a175026fed5d534f587ea4ec3ec49265cd3c5
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (git) before cff36398bd4c7d322d424433db437f3c3391c491
affected

Default status
affected

6.1.107 (semver)
unaffected

6.4.7 (semver)
unaffected

6.5 (original_commit_for_fix)
unaffected

References

git.kernel.org/...c/40c88c429a598006f91ad7a2b89856cd50b3a008

git.kernel.org/...c/926a175026fed5d534f587ea4ec3ec49265cd3c5

git.kernel.org/...c/cff36398bd4c7d322d424433db437f3c3391c491

cve.org (CVE-2023-54145)

nvd.nist.gov (CVE-2023-54145)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.