CVE-2023-54284
Published: Dec 30, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: media: av7110: prevent underflow in write_ts_to_decoder() The buf[4] value comes from the user via ts_play(). It is a value in the u8 range. The final length we pass to av7110_ipack_instant_repack() is "len - (buf[4] + 1) - 4" so add a check to ensure that the length is not negative. It's not clear that passing a negative len value does anything bad necessarily, but it's not best practice. With the new bounds checking the "if (!len)" condition is no longer possible or required so remove that.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected fd46d16d602ab7fd53cef7ff55b9dcb0b47ad3bf - < 6680af5be9f08d830567e9118f76d3e64684db8faffected fd46d16d602ab7fd53cef7ff55b9dcb0b47ad3bf - < 6606e2404ee9e20a3ae5b42fc3660d41b739ed3eaffected fd46d16d602ab7fd53cef7ff55b9dcb0b47ad3bf - < 620b983589e0223876bf1463b01100a9c67b56baaffected fd46d16d602ab7fd53cef7ff55b9dcb0b47ad3bf - < 86ba65e5357bfbb6c082f68b265a292ee1bdde1daffected fd46d16d602ab7fd53cef7ff55b9dcb0b47ad3bf - < ca4ce92e3ec9fd3c7c936b912b95c53331d5159c+4 more versions |
Linux | Linux | affected 2.6.31unaffected 0 - < 2.6.31unaffected 4.14.315 - <= 4.14.*unaffected 4.19.283 - <= 4.19.*unaffected 5.4.243 - <= 5.4.*+6 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now