CVE-2023-54056
Published: Dec 24, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: kheaders: Use array declaration instead of char Under CONFIG_FORTIFY_SOURCE, memcpy() will check the size of destination and source buffers. Defining kernel_headers_data as "char" would trip this check. Since these addresses are treated as byte arrays, define them as arrays (as done everywhere else). This was seen with: $ cat /sys/kernel/kheaders.tar.xz >> /dev/null detected buffer overflow in memcpy kernel BUG at lib/string_helpers.c:1027! ... RIP: 0010:fortify_panic+0xf/0x20 [...] Call Trace: <TASK> ikheaders_read+0x45/0x50 [kheaders] kernfs_fop_read_iter+0x1a4/0x2f0 ...
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 43d8ce9d65a54846d378545770991e65838981e0 - < 719459877d58c8aced5845c1e5b98d8d87d09197affected 43d8ce9d65a54846d378545770991e65838981e0 - < fcd2da2e6bf2640a31a2a5b118b50dc3635c707baffected 43d8ce9d65a54846d378545770991e65838981e0 - < 4a07d2d511e2703efd4387891d49e0326f1157f3affected 43d8ce9d65a54846d378545770991e65838981e0 - < b9f6845a492de20679b84bda6b08be347c5819daaffected 43d8ce9d65a54846d378545770991e65838981e0 - < d6d1af6b8611801b585c53c0cc63626c8d339e96+2 more versions |
Linux | Linux | affected 5.2unaffected 0 - < 5.2unaffected 5.4.243 - <= 5.4.*unaffected 5.10.180 - <= 5.10.*unaffected 5.15.111 - <= 5.15.*+4 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now