CVE-2023-54057

The 'acpiid' buffer in the parseivrsacpihid function may overflow, because the string specifier in the format string sscanf() has no width limitation.

Found by InfoTeCS on behalf of Linux Verification Center (linuxtesting.org) with SVACE.

Database specific

{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/54xxx/CVE-2023-54057.json"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

ca3bf5d47cec8b7614bcb2e9132c40081d6d81db

Fixed

5e97dc748d13fad582136ba0c8cec215c7aeeb17

Fixed

f2a5ec7f7b28f9b9cd5fac232ff51019a7f7b9e9

Fixed

c513043e0afe6a8ba79d00af358655afabb576d2

Fixed

2ae19ac3ea82a5b87a81c10adbb497c9e58bdd60

Fixed

63cd11165e5e0ea2012254c764003eda1f9adb7d

Fixed

b6b26d86c61c441144c72f842f7469bb686e1211

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-54057.json"

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

4.7.0

Fixed

5.4.237

Type: ECOSYSTEM
Events: Introduced

5.5.0

Fixed

5.10.175

Type: ECOSYSTEM
Events: Introduced

5.11.0

Fixed

5.15.103

Type: ECOSYSTEM
Events: Introduced

5.16.0

Fixed

6.1.16

Type: ECOSYSTEM
Events: Introduced

6.2.0

Fixed

6.2.3

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-54057.json"