{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2023-54284","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-12-30T12:06:44.525Z","datePublished":"2025-12-30T12:23:25.116Z","dateUpdated":"2026-05-11T19:58:59.823Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T19:58:59.823Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: av7110: prevent underflow in write_ts_to_decoder()\n\nThe buf[4] value comes from the user via ts_play().  It is a value in\nthe u8 range.  The final length we pass to av7110_ipack_instant_repack()\nis \"len - (buf[4] + 1) - 4\" so add a check to ensure that the length is\nnot negative.  It's not clear that passing a negative len value does\nanything bad necessarily, but it's not best practice.\n\nWith the new bounds checking the \"if (!len)\" condition is no longer\npossible or required so remove that."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/staging/media/av7110/av7110_av.c"],"versions":[{"version":"fd46d16d602ab7fd53cef7ff55b9dcb0b47ad3bf","lessThan":"6680af5be9f08d830567e9118f76d3e64684db8f","status":"affected","versionType":"git"},{"version":"fd46d16d602ab7fd53cef7ff55b9dcb0b47ad3bf","lessThan":"6606e2404ee9e20a3ae5b42fc3660d41b739ed3e","status":"affected","versionType":"git"},{"version":"fd46d16d602ab7fd53cef7ff55b9dcb0b47ad3bf","lessThan":"620b983589e0223876bf1463b01100a9c67b56ba","status":"affected","versionType":"git"},{"version":"fd46d16d602ab7fd53cef7ff55b9dcb0b47ad3bf","lessThan":"86ba65e5357bfbb6c082f68b265a292ee1bdde1d","status":"affected","versionType":"git"},{"version":"fd46d16d602ab7fd53cef7ff55b9dcb0b47ad3bf","lessThan":"ca4ce92e3ec9fd3c7c936b912b95c53331d5159c","status":"affected","versionType":"git"},{"version":"fd46d16d602ab7fd53cef7ff55b9dcb0b47ad3bf","lessThan":"423350af9e27f005611bd881b1df2cab66de943d","status":"affected","versionType":"git"},{"version":"fd46d16d602ab7fd53cef7ff55b9dcb0b47ad3bf","lessThan":"77eeb4732135c18c2fdfab80839645b393f3e774","status":"affected","versionType":"git"},{"version":"fd46d16d602ab7fd53cef7ff55b9dcb0b47ad3bf","lessThan":"7b93ab60fe9ed04be0ff155bc30ad39dea23e22b","status":"affected","versionType":"git"},{"version":"fd46d16d602ab7fd53cef7ff55b9dcb0b47ad3bf","lessThan":"eed9496a0501357aa326ddd6b71408189ed872eb","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/staging/media/av7110/av7110_av.c"],"versions":[{"version":"2.6.31","status":"affected"},{"version":"0","lessThan":"2.6.31","status":"unaffected","versionType":"semver"},{"version":"4.14.315","lessThanOrEqual":"4.14.*","status":"unaffected","versionType":"semver"},{"version":"4.19.283","lessThanOrEqual":"4.19.*","status":"unaffected","versionType":"semver"},{"version":"5.4.243","lessThanOrEqual":"5.4.*","status":"unaffected","versionType":"semver"},{"version":"5.10.211","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.111","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.28","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.2.15","lessThanOrEqual":"6.2.*","status":"unaffected","versionType":"semver"},{"version":"6.3.2","lessThanOrEqual":"6.3.*","status":"unaffected","versionType":"semver"},{"version":"6.4","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.31","versionEndExcluding":"4.14.315"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.31","versionEndExcluding":"4.19.283"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.31","versionEndExcluding":"5.4.243"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.31","versionEndExcluding":"5.10.211"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.31","versionEndExcluding":"5.15.111"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.31","versionEndExcluding":"6.1.28"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.31","versionEndExcluding":"6.2.15"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.31","versionEndExcluding":"6.3.2"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.31","versionEndExcluding":"6.4"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/6680af5be9f08d830567e9118f76d3e64684db8f"},{"url":"https://git.kernel.org/stable/c/6606e2404ee9e20a3ae5b42fc3660d41b739ed3e"},{"url":"https://git.kernel.org/stable/c/620b983589e0223876bf1463b01100a9c67b56ba"},{"url":"https://git.kernel.org/stable/c/86ba65e5357bfbb6c082f68b265a292ee1bdde1d"},{"url":"https://git.kernel.org/stable/c/ca4ce92e3ec9fd3c7c936b912b95c53331d5159c"},{"url":"https://git.kernel.org/stable/c/423350af9e27f005611bd881b1df2cab66de943d"},{"url":"https://git.kernel.org/stable/c/77eeb4732135c18c2fdfab80839645b393f3e774"},{"url":"https://git.kernel.org/stable/c/7b93ab60fe9ed04be0ff155bc30ad39dea23e22b"},{"url":"https://git.kernel.org/stable/c/eed9496a0501357aa326ddd6b71408189ed872eb"}],"title":"media: av7110: prevent underflow in write_ts_to_decoder()","x_generator":{"engine":"bippy-1.2.0"}}}}