VDB

CVE-2023-54279

CVE-2023-54279 PUBLISHED

In the Linux kernel, the following vulnerability has been resolved: MIPS: fw: Allow firmware to pass a empty env fw_getenv will use env entry to determine style of env, however it is legal for firmware to just pass a empty list. Check if first entry exist before running strchr to avoid null pointer dereference.

EPSS 0.04% · 14.4th percentile

Risk Scores

EPSS Score
0.04%
14.4th percentile

Affected Products

VendorProductVersions
linuxlinux_kernel3.10, 3.10, 3.10
LinuxLinux14aecdd419217e041fb5dd2749d11f58503bdf62, 14aecdd419217e041fb5dd2749d11f58503bdf62, 14aecdd419217e041fb5dd2749d11f58503bdf62

Timeline

  • Dec 30, 2025 CVE Published
  • Dec 31, 2025 EPSS Score
  • Jan 3, 2026 EPSS Score
  • Jan 7, 2026 EPSS Score
  • Jan 10, 2026 EPSS Score
  • Jan 14, 2026 EPSS Score
  • Jan 17, 2026 EPSS Score
  • Jan 21, 2026 EPSS Score
  • Jan 24, 2026 EPSS Score
  • Jan 28, 2026 EPSS Score
  • Jan 31, 2026 EPSS Score
  • Feb 3, 2026 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›