CVE-2023-54145

Published: Dec 24, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: bpf: drop unnecessary user-triggerable WARN_ONCE in verifierl log It's trivial for user to trigger "verifier log line truncated" warning, as verifier has a fixed-sized buffer of 1024 bytes (as of now), and there are at least two pieces of user-provided information that can be output through this buffer, and both can be arbitrarily sized by user: - BTF names; - BTF.ext source code lines strings. Verifier log buffer should be properly sized for typical verifier state output. But it's sort-of expected that this buffer won't be long enough in some circumstances. So let's drop the check. In any case code will work correctly, at worst truncating a part of a single line output.

Vendor	Product	Versions
Linux	Linux	affected `a2a7d5701052542cd2260e7659b12443e0a74733 - < 40c88c429a598006f91ad7a2b89856cd50b3a008` affected `a2a7d5701052542cd2260e7659b12443e0a74733 - < 926a175026fed5d534f587ea4ec3ec49265cd3c5` affected `a2a7d5701052542cd2260e7659b12443e0a74733 - < cff36398bd4c7d322d424433db437f3c3391c491`
Linux	Linux	affected `4.15` unaffected `0 - < 4.15` unaffected `6.1.107 - <= 6.1.` unaffected `6.4.7 - <= 6.4.` unaffected `6.5 - <= *`

References

https://git.kernel.org/stable/c/40c88c429a598006f91ad7a2b89856cd50b3a008

https://git.kernel.org/stable/c/926a175026fed5d534f587ea4ec3ec49265cd3c5

https://git.kernel.org/stable/c/cff36398bd4c7d322d424433db437f3c3391c491

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-54145

Description

Affected Products

References