CVE-2023-54139

Published: Dec 24, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: tracing/user_events: Ensure write index cannot be negative The write index indicates which event the data is for and accesses a per-file array. The index is passed by user processes during write() calls as the first 4 bytes. Ensure that it cannot be negative by returning -EINVAL to prevent out of bounds accesses. Update ftrace self-test to ensure this occurs properly.

Vendor	Product	Versions
Linux	Linux	affected `7f5a08c79df35e68f1a43033450c5050f12bc155 - < 0489c2b2c3104b89f078dbcec8c744dfc157d3e9` affected `7f5a08c79df35e68f1a43033450c5050f12bc155 - < 4fe46b5adf18e3dc606e62c9e6a0413398a17572` affected `7f5a08c79df35e68f1a43033450c5050f12bc155 - < fa7f2f5d1739452280c22727c4384a52b72ab5de` affected `7f5a08c79df35e68f1a43033450c5050f12bc155 - < cd98c93286a30cc4588dfd02453bec63c2f4acf4`
Linux	Linux	affected `5.18` unaffected `0 - < 5.18` unaffected `6.1.28 - <= 6.1.` unaffected `6.2.15 - <= 6.2.` unaffected `6.3.2 - <= 6.3.*` +1 more versions

References

https://git.kernel.org/stable/c/0489c2b2c3104b89f078dbcec8c744dfc157d3e9

https://git.kernel.org/stable/c/4fe46b5adf18e3dc606e62c9e6a0413398a17572

https://git.kernel.org/stable/c/fa7f2f5d1739452280c22727c4384a52b72ab5de

https://git.kernel.org/stable/c/cd98c93286a30cc4588dfd02453bec63c2f4acf4

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-54139

Description

Affected Products

References