CVE-2023-54054
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
24/12/2025
Last modified:
24/12/2025
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
scsi: qla2xxx: Fix buffer overrun<br />
<br />
Klocwork warning: Buffer Overflow - Array Index Out of Bounds<br />
<br />
Driver uses fc_els_flogi to calculate size of buffer. The actual buffer is<br />
nested inside of fc_els_flogi which is smaller.<br />
<br />
Replace structure name to allow proper size calculation.
Impact
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/2dddbf8de128289a3fb7ae38d9bc4b2217205ec1
- https://git.kernel.org/stable/c/89250e775dcc4482d8e970ed92ad2c9458b14a8a
- https://git.kernel.org/stable/c/b68710a8094fdffe8dd4f7a82c82649f479bb453
- https://git.kernel.org/stable/c/d5e7c9cd56e987c8687859a0bf38fd86aa8f3cec
- https://git.kernel.org/stable/c/eecb8a491c824a9376155d26ec95b6d0054c059c