CVE-2023-54054 - Vulnerability Details

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

No data.

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://lore.kernel.org/linux-cve-announce/2025122426-CVE-2023-54054-292f@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2023-54054
https://www.cve.org/CVERecord?id=CVE-2023-54054

History

Tue, 30 Dec 2025 14:30:00 +0000

Type	Values Removed	Values Added
References	https://git.kernel.org/stable/c/2dddbf8de128289a3fb7ae38d9bc4b2217205ec1 https://git.kernel.org/stable/c/89250e775dcc4482d8e970ed92ad2c9458b14a8a https://git.kernel.org/stable/c/b68710a8094fdffe8dd4f7a82c82649f479bb453 https://git.kernel.org/stable/c/d5e7c9cd56e987c8687859a0bf38fd86aa8f3cec https://git.kernel.org/stable/c/eecb8a491c824a9376155d26ec95b6d0054c059c

Tue, 30 Dec 2025 14:15:00 +0000

Type	Values Removed	Values Added
Description	In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix buffer overrun Klocwork warning: Buffer Overflow - Array Index Out of Bounds Driver uses fc_els_flogi to calculate size of buffer. The actual buffer is nested inside of fc_els_flogi which is smaller. Replace structure name to allow proper size calculation.	This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Title	scsi: qla2xxx: Fix buffer overrun	kernel: scsi: qla2xxx: Fix buffer overrun
CPEs	cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products	Linux Linux linux Kernel

Thu, 25 Dec 2025 12:15:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2025122426-CVE-2023-54054-292f@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2023-54054 https://www.cve.org/CVERecord?id=CVE-2023-54054
Metrics	threat_severity `None`	cvssV3_1 `{'score': 7.0, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H'}` threat_severity `Important`

Wed, 24 Dec 2025 12:45:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix buffer overrun Klocwork warning: Buffer Overflow - Array Index Out of Bounds Driver uses fc_els_flogi to calculate size of buffer. The actual buffer is nested inside of fc_els_flogi which is smaller. Replace structure name to allow proper size calculation.
Title		scsi: qla2xxx: Fix buffer overrun
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/2dddbf8de128289a3fb7ae38d9bc4b2217205ec1 https://git.kernel.org/stable/c/89250e775dcc4482d8e970ed92ad2c9458b14a8a https://git.kernel.org/stable/c/b68710a8094fdffe8dd4f7a82c82649f479bb453 https://git.kernel.org/stable/c/d5e7c9cd56e987c8687859a0bf38fd86aa8f3cec https://git.kernel.org/stable/c/eecb8a491c824a9376155d26ec95b6d0054c059c

Projects

Sign in to view the affected projects.

MITRE

Status: REJECTED

Assigner: Linux

Published: 2025-12-24T12:23:03.196Z

Updated: 2025-12-30T14:01:20.710Z

Reserved: 2025-12-24T12:21:05.090Z

Link: CVE-2023-54054

Vulnrichment

No data.

NVD

Status : Rejected

Published: 2025-12-24T13:16:07.083

Modified: 2025-12-30T14:15:52.357

Link: CVE-2023-54054

Redhat

Severity : Important

Publid Date: 2025-12-24T00:00:00Z

Links: CVE-2023-54054 - Bugzilla

OpenCVE Enrichment

No data.

Weaknesses

No weakness.

Metrics

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Affected Vendors & Products

Projects

JSON object

JSON object

JSON object

JSON object

JSON object