VDB

CVE-2023-54139

CVE-2023-54139 PUBLISHED

In the Linux kernel, the following vulnerability has been resolved: tracing/user_events: Ensure write index cannot be negative The write index indicates which event the data is for and accesses a per-file array. The index is passed by user processes during write() calls as the first 4 bytes. Ensure that it cannot be negative by returning -EINVAL to prevent out of bounds accesses. Update ftrace self-test to ensure this occurs properly.

EPSS 0.03% · 8.4th percentile

Risk Scores

EPSS Score
0.03%
8.4th percentile

Affected Products

VendorProductVersions
LinuxLinux6.1.28, 0, 6.2.15
linuxlinux_kernel5.18, 5.18, 5.18

Timeline

  • Dec 24, 2025 CVE Published
  • Dec 25, 2025 EPSS Score
  • Dec 29, 2025 EPSS Score
  • Jan 1, 2026 EPSS Score
  • Jan 5, 2026 EPSS Score
  • Jan 9, 2026 EPSS Score
  • Jan 12, 2026 EPSS Score
  • Jan 16, 2026 EPSS Score
  • Jan 20, 2026 EPSS Score
  • Jan 23, 2026 EPSS Score
  • Jan 27, 2026 EPSS Score
  • Jan 31, 2026 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›