CVE-2023-54284
- Source
- https://cve.org/CVERecord?id=CVE-2023-54284
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-54284.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2023-54284
- Downstream
- Related
- Published
- 2025-12-30T12:23:25.116Z
- Modified
- 2026-03-20T12:33:32.188993Z
- Summary
- media: av7110: prevent underflow in write_ts_to_decoder()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
media: av7110: prevent underflow in writetsto_decoder()
The buf[4] value comes from the user via tsplay(). It is a value in the u8 range. The final length we pass to av7110ipackinstantrepack() is "len - (buf[4] + 1) - 4" so add a check to ensure that the length is not negative. It's not clear that passing a negative len value does anything bad necessarily, but it's not best practice.
With the new bounds checking the "if (!len)" condition is no longer possible or required so remove that.
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/54xxx/CVE-2023-54284.json" }- References
-
- https://git.kernel.org/stable/c/423350af9e27f005611bd881b1df2cab66de943d
- https://git.kernel.org/stable/c/620b983589e0223876bf1463b01100a9c67b56ba
- https://git.kernel.org/stable/c/6606e2404ee9e20a3ae5b42fc3660d41b739ed3e
- https://git.kernel.org/stable/c/6680af5be9f08d830567e9118f76d3e64684db8f
- https://git.kernel.org/stable/c/77eeb4732135c18c2fdfab80839645b393f3e774
- https://git.kernel.org/stable/c/7b93ab60fe9ed04be0ff155bc30ad39dea23e22b
- https://git.kernel.org/stable/c/86ba65e5357bfbb6c082f68b265a292ee1bdde1d
- https://git.kernel.org/stable/c/ca4ce92e3ec9fd3c7c936b912b95c53331d5159c
- https://git.kernel.org/stable/c/eed9496a0501357aa326ddd6b71408189ed872eb
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/54xxx/CVE-2023-54284.json
- https://nvd.nist.gov/vuln/detail/CVE-2023-54284
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedfd46d16d602ab7fd53cef7ff55b9dcb0b47ad3bfFixed6680af5be9f08d830567e9118f76d3e64684db8fFixed6606e2404ee9e20a3ae5b42fc3660d41b739ed3eFixed620b983589e0223876bf1463b01100a9c67b56baFixed86ba65e5357bfbb6c082f68b265a292ee1bdde1dFixedca4ce92e3ec9fd3c7c936b912b95c53331d5159cFixed423350af9e27f005611bd881b1df2cab66de943dFixed77eeb4732135c18c2fdfab80839645b393f3e774Fixed7b93ab60fe9ed04be0ff155bc30ad39dea23e22bFixedeed9496a0501357aa326ddd6b71408189ed872eb
Linux / Kernel
Package
- Name
- Kernel
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced2.6.31Fixed4.14.315
- Type
- ECOSYSTEM
- Events
-
Introduced4.15.0Fixed4.19.283
- Type
- ECOSYSTEM
- Events
-
Introduced4.20.0Fixed5.4.243
- Type
- ECOSYSTEM
- Events
-
Introduced5.5.0Fixed5.10.211
- Type
- ECOSYSTEM
- Events
-
Introduced5.11.0Fixed5.15.111
- Type
- ECOSYSTEM
- Events
-
Introduced5.16.0Fixed6.1.28
- Type
- ECOSYSTEM
- Events
-
Introduced6.2.0Fixed6.2.15
- Type
- ECOSYSTEM
- Events
-
Introduced6.3.0Fixed6.3.2