CVE-2023-54056

NONE EPSS 8.9%
Published Dec 24, 20256mo ago · Modified Jun 17, 20262w ago
Find Similar
Published Dec 24, 2025 6mo ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: kheaders: Use array declaration instead of char Under CONFIG_FORTIFY_SOURCE, memcpy() will check the size of destination and source buffers. Defining kernel_headers_data as "char" would trip this check. Since these addresses are treated as byte arrays, define them as arrays (as done everywhere else). This was seen with: $ cat /sys/kernel/kheaders.tar.xz >> /dev/null detected buffer overflow in memcpy kernel BUG at lib/string_helpers.c:1027! ... RIP: 0010:fortify_panic+0xf/0x20 [...] Call Trace: <TASK> ikheaders_read+0x45/0x50 [kheaders] kernfs_fop_read_iter+0x1a4/0x2f0 ...

Threat Intelligence

EPSS Exploit Probability
8.9% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

References 7

  • git.kernel.org https://git.kernel.org/stable/c/4a07d2d511e2703efd4387891d49e0326f1157f3
  • git.kernel.org https://git.kernel.org/stable/c/719459877d58c8aced5845c1e5b98d8d87d09197
  • git.kernel.org https://git.kernel.org/stable/c/82d2e01b95c439fe55fab5e04fc83387c42d3a48
  • git.kernel.org https://git.kernel.org/stable/c/b69edab47f1da8edd8e7bfdf8c70f51a2a5d89fb
  • git.kernel.org https://git.kernel.org/stable/c/b9f6845a492de20679b84bda6b08be347c5819da
  • git.kernel.org https://git.kernel.org/stable/c/d6d1af6b8611801b585c53c0cc63626c8d339e96
  • git.kernel.org https://git.kernel.org/stable/c/fcd2da2e6bf2640a31a2a5b118b50dc3635c707b

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.