CVE-2023-54104

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2023-54104
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-54104.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2023-54104
Downstream
Related
Published
2025-12-24T13:06:29.354Z
Modified
2026-03-31T17:29:41.955310314Z
Summary
mtd: rawnand: fsl_upm: Fix an off-by one test in fun_exec_op()
Details

In the Linux kernel, the following vulnerability has been resolved:

mtd: rawnand: fslupm: Fix an off-by one test in funexec_op()

'op-cs' is copied in 'fun->mchipnumber' which is used to access the 'mchipoffsets' and the 'rnbgpio' arrays. These arrays have NANDMAX_CHIPS elements, so the index must be below this limit.

Fix the sanity check in order to avoid the NANDMAXCHIPS value. This would lead to out-of-bound accesses.

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/54xxx/CVE-2023-54104.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
54309d65776755bcdb9dcf3744cd764fc1e254ea
Fixed
1f09d67d390647f83f8f9d26382b0daa43756e6f
Fixed
eb7a5e4d14c8659cb97db6863316280e15f67209
Fixed
f4b700c71802c81e6f9dce362ee7a0312c8377ba
Fixed
49e57caf967a969f6b955c88805f2d160910aa12
Fixed
c6abce60338aa2080973cd95be0aedad528bb41f

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-54104.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.9.0
Fixed
5.10.190
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.126
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.45
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.4.10

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-54104.json"