CVE-2023-54139 — Vulnetix

Try Vulnetix Request Demo

CVE-2023-54139 PUBLISHED

In the Linux kernel, the following vulnerability has been resolved: tracing/user_events: Ensure write index cannot be negative The write index indicates which event the data is for and accesses a per-file array. The index is passed by user processes during write() calls as the first 4 bytes. Ensure that it cannot be negative by returning -EINVAL to prevent out of bounds accesses. Update ftrace self-test to ensure this occurs properly.

EPSS 0.03% · 7.2th percentile

Risk Scores

EPSS Score

0.03%

7.2th percentile

Affected Products

Vendor	Product	Versions
Linux	Linux	7f5a08c79df35e68f1a43033450c5050f12bc155, 7f5a08c79df35e68f1a43033450c5050f12bc155, 7f5a08c79df35e68f1a43033450c5050f12bc155
linux	linux_kernel	5.18, 5.18, 5.18

Timeline

Dec 24, 2025 CVE Published
Dec 25, 2025 EPSS Score
Dec 28, 2025 EPSS Score
Dec 29, 2025 CVE Updated
Dec 31, 2025 EPSS Score
Jan 3, 2026 EPSS Score
Jan 6, 2026 EPSS Score
Jan 10, 2026 EPSS Score
Jan 13, 2026 EPSS Score
Jan 16, 2026 EPSS Score
Jan 19, 2026 EPSS Score
Jan 22, 2026 EPSS Score

References

Open in Interactive Console →