CVE-2023-54145

NONE EPSS 6.2%
Published Dec 24, 2025 6mo ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved:

bpf: drop unnecessary user-triggerable WARN_ONCE in verifier log

It's trivial for user to trigger "verifier log line truncated" warning, as verifier has a fixed-sized buffer of 1024 bytes (as of now), and there are at least two pieces of user-provided information that can be output through this buffer, and both can be arbitrarily sized by user:

- BTF names;
- BTF.ext source code lines strings.

Verifier log buffer should be properly sized for typical verifier state output. But it's sort-of expected that this buffer won't be long enough in some circumstances. So let's drop the check. In any case code will work correctly, at worst truncating a part of a single line output.

Threat Intelligence

EPSS Exploit Probability
6.2% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

References 3

  • git.kernel.org https://git.kernel.org/stable/c/40c88c429a598006f91ad7a2b89856cd50b3a008
  • git.kernel.org https://git.kernel.org/stable/c/926a175026fed5d534f587ea4ec3ec49265cd3c5
  • git.kernel.org https://git.kernel.org/stable/c/cff36398bd4c7d322d424433db437f3c3391c491

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.