CVE-2023-54049 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved:

rpmsg: glink: Add check for kstrdup

Add check for the return value of kstrdup() and return the error
if it fails in order to avoid NULL pointer dereference.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00049.

Key SSVC decision points have not yet been added.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Linux

unaffected

Version	Status	Constraints
`b4f8e52b89f69f5563ac4cb9ffdacc4418917af1`	affected	< 5197498c902502127a47abda5359dd7f1d41946f
`b4f8e52b89f69f5563ac4cb9ffdacc4418917af1`	affected	< 13928a837e0f014dac0322dd9f8a67c486e7f232
`b4f8e52b89f69f5563ac4cb9ffdacc4418917af1`	affected	< efa7f31669f04084ed5996ed467ba529f4c90467
`b4f8e52b89f69f5563ac4cb9ffdacc4418917af1`	affected	< 71ac2ffd7f80fdd350486f6645dc48456e55a59b
`b4f8e52b89f69f5563ac4cb9ffdacc4418917af1`	affected	< abd740db896b3c588dced175af98b95852c1854b
`b4f8e52b89f69f5563ac4cb9ffdacc4418917af1`	affected	< cae0787e408c30a575760a531ccb69a6b48bbfaf
`b4f8e52b89f69f5563ac4cb9ffdacc4418917af1`	affected	< 174cf8853857c190a3c4f1f1d2d06cfd095fe859
`b4f8e52b89f69f5563ac4cb9ffdacc4418917af1`	affected	< e3734a9558afac91df3c655a6f2376b9d14933b7
`b4f8e52b89f69f5563ac4cb9ffdacc4418917af1`	affected	< b5c9ee8296a3760760c7b5d2e305f91412adc795

Linux

affected

Version	Status	Constraints
`4.13`	affected	—
`0`	unaffected	< 4.13
`4.14.326`	unaffected	≤ 4.14.*
`4.19.295`	unaffected	≤ 4.19.*
`5.4.257`	unaffected	≤ 5.4.*
`5.10.195`	unaffected	≤ 5.10.*
`5.15.132`	unaffected	≤ 5.15.*
`6.1.53`	unaffected	≤ 6.1.*
`6.4.16`	unaffected	≤ 6.4.*
`6.5.3`	unaffected	≤ 6.5.*
`6.6`	unaffected	≤ *

No data.

Project Subscriptions

Vendors	Products
Linux Subscribe	Linux Kernel Subscribe

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://git.kernel.org/stable/c/13928a837e0f014dac0322dd9f8a67c486e7f232
https://git.kernel.org/stable/c/174cf8853857c190a3c4f1f1d2d06cfd095fe859
https://git.kernel.org/stable/c/5197498c902502127a47abda5359dd7f1d41946f
https://git.kernel.org/stable/c/71ac2ffd7f80fdd350486f6645dc48456e55a59b
https://git.kernel.org/stable/c/abd740db896b3c588dced175af98b95852c1854b
https://git.kernel.org/stable/c/b5c9ee8296a3760760c7b5d2e305f91412adc795
https://git.kernel.org/stable/c/cae0787e408c30a575760a531ccb69a6b48bbfaf
https://git.kernel.org/stable/c/e3734a9558afac91df3c655a6f2376b9d14933b7
https://git.kernel.org/stable/c/efa7f31669f04084ed5996ed467ba529f4c90467
https://lore.kernel.org/linux-cve-announce/2025122424-CVE-2023-54049-79f7@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2023-54049
https://www.cve.org/CVERecord?id=CVE-2023-54049

History

Thu, 25 Dec 2025 12:15:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2025122424-CVE-2023-54049-79f7@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2023-54049 https://www.cve.org/CVERecord?id=CVE-2023-54049

Wed, 24 Dec 2025 12:45:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: rpmsg: glink: Add check for kstrdup Add check for the return value of kstrdup() and return the error if it fails in order to avoid NULL pointer dereference.
Title		rpmsg: glink: Add check for kstrdup
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/13928a837e0f014dac0322dd9f8a67c486e7f232 https://git.kernel.org/stable/c/174cf8853857c190a3c4f1f1d2d06cfd095fe859 https://git.kernel.org/stable/c/5197498c902502127a47abda5359dd7f1d41946f https://git.kernel.org/stable/c/71ac2ffd7f80fdd350486f6645dc48456e55a59b https://git.kernel.org/stable/c/abd740db896b3c588dced175af98b95852c1854b https://git.kernel.org/stable/c/b5c9ee8296a3760760c7b5d2e305f91412adc795 https://git.kernel.org/stable/c/cae0787e408c30a575760a531ccb69a6b48bbfaf https://git.kernel.org/stable/c/e3734a9558afac91df3c655a6f2376b9d14933b7 https://git.kernel.org/stable/c/efa7f31669f04084ed5996ed467ba529f4c90467

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-12-24T12:22:59.585Z

Updated: 2025-12-24T12:22:59.585Z

Reserved: 2025-12-24T12:21:05.090Z

Link: CVE-2023-54049

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2025-12-24T13:16:06.560

Modified: 2025-12-29T15:58:34.503

Link: CVE-2023-54049

Redhat

Severity :

Publid Date: 2025-12-24T00:00:00Z

Links: CVE-2023-54049 - Bugzilla

OpenCVE Enrichment

No data.

Weaknesses

No weakness.

Project Subscriptions

Projects

JSON object

JSON object

JSON object

JSON object

JSON object