CVE-2023-54314
Null Pointer Dereference in Linux af9005_i2c_xfer Function
Publication date: 2025-12-30
Last updated on: 2025-12-30
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
| linux | kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
How can this vulnerability impact me? :
This vulnerability can cause a denial of service by crashing the Linux kernel when a specially crafted message is processed by the af9005 media driver. An attacker who can supply malicious data to this function could trigger a kernel crash, leading to system instability or downtime.
Can you explain this vulnerability to me?
This vulnerability is a null pointer dereference in the Linux kernel's af9005 media driver, specifically in the af9005_i2c_xfer function. The issue arises because the function processes user-controlled data (msg). If msg[i].buf is null and msg[i].len is zero, previous checks on msg[i].buf are bypassed, leading to a null pointer dereference when the code tries to access msg[i].buf[0] without verifying its validity. This can cause the kernel to crash. The fix involves adding a check on msg[i].len to prevent this crash.