U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. Vulnerabilities

CVE-2023-54056 Detail

Description

In the Linux kernel, the following vulnerability has been resolved: kheaders: Use array declaration instead of char Under CONFIG_FORTIFY_SOURCE, memcpy() will check the size of destination and source buffers. Defining kernel_headers_data as "char" would trip this check. Since these addresses are treated as byte arrays, define them as arrays (as done everywhere else). This was seen with: $ cat /sys/kernel/kheaders.tar.xz >> /dev/null detected buffer overflow in memcpy kernel BUG at lib/string_helpers.c:1027! ... RIP: 0010:fortify_panic+0xf/0x20 [...] Call Trace: <TASK> ikheaders_read+0x45/0x50 [kheaders] kernfs_fop_read_iter+0x1a4/0x2f0 ...


Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.
CVSS 4.0 Severity and Vector Strings:

NIST CVSS score
NIST: NVD
N/A
NVD assessment not yet provided.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

URL Source(s) Tag(s)
https://git.kernel.org/stable/c/4a07d2d511e2703efd4387891d49e0326f1157f3 kernel.org
https://git.kernel.org/stable/c/719459877d58c8aced5845c1e5b98d8d87d09197 kernel.org
https://git.kernel.org/stable/c/82d2e01b95c439fe55fab5e04fc83387c42d3a48 kernel.org
https://git.kernel.org/stable/c/b69edab47f1da8edd8e7bfdf8c70f51a2a5d89fb kernel.org
https://git.kernel.org/stable/c/b9f6845a492de20679b84bda6b08be347c5819da kernel.org
https://git.kernel.org/stable/c/d6d1af6b8611801b585c53c0cc63626c8d339e96 kernel.org
https://git.kernel.org/stable/c/fcd2da2e6bf2640a31a2a5b118b50dc3635c707b kernel.org

Weakness Enumeration

CWE-ID CWE Name Source

Change History

1 change records found show changes

Quick Info

CVE Dictionary Entry:
CVE-2023-54056
NVD Published Date:
12/24/2025
NVD Last Modified:
12/24/2025
Source:
kernel.org