{"id":"CVE-2023-54102","summary":"scsi: lpfc: Prevent lpfc_debugfs_lockstat_write() buffer overflow","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Prevent lpfc_debugfs_lockstat_write() buffer overflow\n\nA static code analysis tool flagged the possibility of buffer overflow when\nusing copy_from_user() for a debugfs entry.\n\nCurrently, it is possible that copy_from_user() copies more bytes than what\nwould fit in the mybuf char array.  Add a min() restriction check between\nsizeof(mybuf) - 1 and nbytes passed from the userspace buffer to protect\nagainst buffer overflow.","modified":"2026-03-20T12:33:26.957726Z","published":"2025-12-24T13:06:27.915Z","related":["SUSE-SU-2026:0263-1","SUSE-SU-2026:0317-1","SUSE-SU-2026:0411-1","SUSE-SU-2026:0617-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/54xxx/CVE-2023-54102.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/644a9d5e22761a41d5005a26996a643da96de962"},{"type":"WEB","url":"https://git.kernel.org/stable/c/a9df88cb31dcbd72104ec5883f35cbc1fb587e47"},{"type":"WEB","url":"https://git.kernel.org/stable/c/ad050f6cf681ebb850a9d4bc19474d3896476301"},{"type":"WEB","url":"https://git.kernel.org/stable/c/c6087b82a9146826564a55c5ca0164cac40348f5"},{"type":"WEB","url":"https://git.kernel.org/stable/c/e0e7faee3a7dd6f51350cda64997116a247eb045"},{"type":"WEB","url":"https://git.kernel.org/stable/c/f91037487036e2d2f18d3c2481be6b9a366bde7f"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/54xxx/CVE-2023-54102.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-54102"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"6a828b0f6192b4930894925d1c1d0dc1f1d99e6e"},{"fixed":"644a9d5e22761a41d5005a26996a643da96de962"},{"fixed":"e0e7faee3a7dd6f51350cda64997116a247eb045"},{"fixed":"f91037487036e2d2f18d3c2481be6b9a366bde7f"},{"fixed":"a9df88cb31dcbd72104ec5883f35cbc1fb587e47"},{"fixed":"ad050f6cf681ebb850a9d4bc19474d3896476301"},{"fixed":"c6087b82a9146826564a55c5ca0164cac40348f5"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-54102.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"5.1.0"},{"fixed":"5.4.244"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.5.0"},{"fixed":"5.10.181"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.11.0"},{"fixed":"5.15.113"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"6.1.30"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.3.4"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-54102.json"}}],"schema_version":"1.7.5"}