CVE-2023-54049 - Vulnerability Details

- rpmsg: glink: Add check for kstrdup

Description

In the Linux kernel, the following vulnerability has been resolved:

rpmsg: glink: Add check for kstrdup

Add check for the return value of kstrdup() and return the error
if it fails in order to avoid NULL pointer dereference.

Published: 2025-12-24

Score: n/a

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Linux

unaffected

Version	Status	Constraints
`b4f8e52b89f69f5563ac4cb9ffdacc4418917af1`	affected	< 5197498c902502127a47abda5359dd7f1d41946f
`b4f8e52b89f69f5563ac4cb9ffdacc4418917af1`	affected	< 13928a837e0f014dac0322dd9f8a67c486e7f232
`b4f8e52b89f69f5563ac4cb9ffdacc4418917af1`	affected	< efa7f31669f04084ed5996ed467ba529f4c90467
`b4f8e52b89f69f5563ac4cb9ffdacc4418917af1`	affected	< 71ac2ffd7f80fdd350486f6645dc48456e55a59b
`b4f8e52b89f69f5563ac4cb9ffdacc4418917af1`	affected	< abd740db896b3c588dced175af98b95852c1854b
`b4f8e52b89f69f5563ac4cb9ffdacc4418917af1`	affected	< cae0787e408c30a575760a531ccb69a6b48bbfaf
`b4f8e52b89f69f5563ac4cb9ffdacc4418917af1`	affected	< 174cf8853857c190a3c4f1f1d2d06cfd095fe859
`b4f8e52b89f69f5563ac4cb9ffdacc4418917af1`	affected	< e3734a9558afac91df3c655a6f2376b9d14933b7
`b4f8e52b89f69f5563ac4cb9ffdacc4418917af1`	affected	< b5c9ee8296a3760760c7b5d2e305f91412adc795

Linux

affected

Version	Status	Constraints
`4.13`	affected	—
`0`	unaffected	< 4.13
`4.14.326`	unaffected	≤ 4.14.*
`4.19.295`	unaffected	≤ 4.19.*
`5.4.257`	unaffected	≤ 5.4.*
`5.10.195`	unaffected	≤ 5.10.*
`5.15.132`	unaffected	≤ 5.15.*
`6.1.53`	unaffected	≤ 6.1.*
`6.4.16`	unaffected	≤ 6.4.*
`6.5.3`	unaffected	≤ 6.5.*
`6.6`	unaffected	≤ *

No data.

No data available yet.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00064.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://git.kernel.org/stable/c/13928a837e0f014dac0322dd9f8a67c486e7f232
https://git.kernel.org/stable/c/174cf8853857c190a3c4f1f1d2d06cfd095fe859
https://git.kernel.org/stable/c/5197498c902502127a47abda5359dd7f1d41946f
https://git.kernel.org/stable/c/71ac2ffd7f80fdd350486f6645dc48456e55a59b
https://git.kernel.org/stable/c/abd740db896b3c588dced175af98b95852c1854b
https://git.kernel.org/stable/c/b5c9ee8296a3760760c7b5d2e305f91412adc795
https://git.kernel.org/stable/c/cae0787e408c30a575760a531ccb69a6b48bbfaf
https://git.kernel.org/stable/c/e3734a9558afac91df3c655a6f2376b9d14933b7
https://git.kernel.org/stable/c/efa7f31669f04084ed5996ed467ba529f4c90467
https://lore.kernel.org/linux-cve-announce/2025122424-CVE-2023-54049-79f7@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2023-54049
https://www.cve.org/CVERecord?id=CVE-2023-54049

History

Thu, 25 Dec 2025 12:15:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2025122424-CVE-2023-54049-79f7@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2023-54049 https://www.cve.org/CVERecord?id=CVE-2023-54049

Wed, 24 Dec 2025 12:45:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: rpmsg: glink: Add check for kstrdup Add check for the return value of kstrdup() and return the error if it fails in order to avoid NULL pointer dereference.
Title		rpmsg: glink: Add check for kstrdup
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/13928a837e0f014dac0322dd9f8a67c486e7f232 https://git.kernel.org/stable/c/174cf8853857c190a3c4f1f1d2d06cfd095fe859 https://git.kernel.org/stable/c/5197498c902502127a47abda5359dd7f1d41946f https://git.kernel.org/stable/c/71ac2ffd7f80fdd350486f6645dc48456e55a59b https://git.kernel.org/stable/c/abd740db896b3c588dced175af98b95852c1854b https://git.kernel.org/stable/c/b5c9ee8296a3760760c7b5d2e305f91412adc795 https://git.kernel.org/stable/c/cae0787e408c30a575760a531ccb69a6b48bbfaf https://git.kernel.org/stable/c/e3734a9558afac91df3c655a6f2376b9d14933b7 https://git.kernel.org/stable/c/efa7f31669f04084ed5996ed467ba529f4c90467

Subscriptions

Linux Linux Kernel

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-12-24T12:22:59.585Z

Updated: 2026-05-11T19:54:31.858Z

Reserved: 2025-12-24T12:21:05.090Z

Link: CVE-2023-54049

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2025-12-24T13:16:06.560

Modified: 2026-04-15T00:35:42.020

Link: CVE-2023-54049

Redhat

Severity :

Publid Date: 2025-12-24T00:00:00Z

Links: CVE-2023-54049 - Bugzilla

OpenCVE Enrichment

No data.

Weaknesses

No weakness.

Tracking

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object