U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. Vulnerabilities

CVE-2023-54314 Detail

Description

In the Linux kernel, the following vulnerability has been resolved: media: af9005: Fix null-ptr-deref in af9005_i2c_xfer In af9005_i2c_xfer, msg is controlled by user. When msg[i].buf is null and msg[i].len is zero, former checks on msg[i].buf would be passed. Malicious data finally reach af9005_i2c_xfer. If accessing msg[i].buf[0] without sanity check, null ptr deref would happen. We add check on msg[i].len to prevent crash. Similar commit: commit 0ed554fd769a ("media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()")


Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.
CVSS 4.0 Severity and Vector Strings:

NIST CVSS score
NIST: NVD
N/A
NVD assessment not yet provided.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

URL Source(s) Tag(s)
https://git.kernel.org/stable/c/033b0c0780adee32dde218179e9bc51d2525108f kernel.org
https://git.kernel.org/stable/c/0c02eb70b1dd4ae9bb304ce6cdadbc6faba2b2e9 kernel.org
https://git.kernel.org/stable/c/63d962ac7a52c0ff4cd09af2e284dce5e5955dfe kernel.org
https://git.kernel.org/stable/c/98c12abb275b75a98ff62de9466d21e4daa98536 kernel.org
https://git.kernel.org/stable/c/abb6fd93e05e80668d2317fe1110bc99b05034c3 kernel.org
https://git.kernel.org/stable/c/c7e5ac737db25d7387fe517cb5207706782b6cf8 kernel.org
https://git.kernel.org/stable/c/e595ff350b2fd600823ee8491df7df693ae4b7c5 kernel.org
https://git.kernel.org/stable/c/f4ee84f27625ce1fdf41e8483fa0561a1b837d10 kernel.org

Weakness Enumeration

CWE-ID CWE Name Source

Change History

1 change records found show changes

Quick Info

CVE Dictionary Entry:
CVE-2023-54314
NVD Published Date:
12/30/2025
NVD Last Modified:
12/30/2025
Source:
kernel.org