CVE-2023-54198

NONE EPSS 7.5%
Published Dec 30, 20256mo ago · Modified Jun 17, 20262w ago
Find Similar
Published Dec 30, 2025 6mo ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: tty: fix out-of-bounds access in tty_driver_lookup_tty() When specifying an invalid console= device like console=tty3270, tty_driver_lookup_tty() returns the tty struct without checking whether index is a valid number. To reproduce: qemu-system-x86_64 -enable-kvm -nographic -serial mon:stdio \ -kernel ../linux-build-x86/arch/x86/boot/bzImage \ -append "console=ttyS0 console=tty3270" This crashes with: [ 0.770599] BUG: kernel NULL pointer dereference, address: 00000000000000ef [ 0.771265] #PF: supervisor read access in kernel mode [ 0.771773] #PF: error_code(0x0000) - not-present page [ 0.772609] Oops: 0000 [#1] PREEMPT SMP PTI [ 0.774878] RIP: 0010:tty_open+0x268/0x6f0 [ 0.784013] chrdev_open+0xbd/0x230 [ 0.784444] ? cdev_device_add+0x80/0x80 [ 0.784920] do_dentry_open+0x1e0/0x410 [ 0.785389] path_openat+0xca9/0x1050 [ 0.785813] do_filp_open+0xaa/0x150 [ 0.786240] file_open_name+0x133/0x1b0 [ 0.786746] filp_open+0x27/0x50 [ 0.787244] console_on_rootfs+0x14/0x4d [ 0.787800] kernel_init_freeable+0x1e4/0x20d [ 0.788383] ? rest_init+0xc0/0xc0 [ 0.788881] kernel_init+0x11/0x120 [ 0.789356] ret_from_fork+0x22/0x30

Threat Intelligence

EPSS Exploit Probability
7.5% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

References 8

  • git.kernel.org https://git.kernel.org/stable/c/3df6f492f500a16c231f07ccc6f6ed1302caddf9
  • git.kernel.org https://git.kernel.org/stable/c/765566110eb0da3cf60198b0165ecceeaafa6444
  • git.kernel.org https://git.kernel.org/stable/c/84ea44dc3e4ecb2632586238014bf6722aa5843b
  • git.kernel.org https://git.kernel.org/stable/c/953a4a352a0c185460ae1449e4c6e6658e55fdfc
  • git.kernel.org https://git.kernel.org/stable/c/b79109d6470aaae7062998353e3a19449055829d
  • git.kernel.org https://git.kernel.org/stable/c/db4df8e9d79e7d37732c1a1b560958e8dadfefa1
  • git.kernel.org https://git.kernel.org/stable/c/f9d9d25ad1f0d060eaf297a2f7f03b5855a45561
  • git.kernel.org https://git.kernel.org/stable/c/fcfeaa570f7a5c2d5f4f14931909531ff18b7fde

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.