Description

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Prevent lpfc_debugfs_lockstat_write() buffer overflow A static code analysis tool flagged the possibility of buffer overflow when using copy_from_user() for a debugfs entry. Currently, it is possible that copy_from_user() copies more bytes than what would fit in the mybuf char array. Add a min() restriction check between sizeof(mybuf) - 1 and nbytes passed from the userspace buffer to protect against buffer overflow.

INFO

Published Date :

2025-12-24T13:06:27.915Z

Last Modified :

2026-01-05T10:33:46.034Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2023-54102 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2023-54102.

URL Resource
https://git.kernel.org/stable/c/644a9d5e22761a41d5005a26996a643da96de962 cve-icon cve-icon
https://git.kernel.org/stable/c/a9df88cb31dcbd72104ec5883f35cbc1fb587e47 cve-icon cve-icon
https://git.kernel.org/stable/c/ad050f6cf681ebb850a9d4bc19474d3896476301 cve-icon cve-icon
https://git.kernel.org/stable/c/c6087b82a9146826564a55c5ca0164cac40348f5 cve-icon cve-icon
https://git.kernel.org/stable/c/e0e7faee3a7dd6f51350cda64997116a247eb045 cve-icon cve-icon
https://git.kernel.org/stable/c/f91037487036e2d2f18d3c2481be6b9a366bde7f cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025122410-CVE-2023-54102-7dd5@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2023-54102 cve-icon
https://www.cve.org/CVERecord?id=CVE-2023-54102 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact