CVE-2023-54279 — Vulnetix

Try Vulnetix Request Demo

CVE-2023-54279 PUBLISHED

In the Linux kernel, the following vulnerability has been resolved: MIPS: fw: Allow firmware to pass a empty env fw_getenv will use env entry to determine style of env, however it is legal for firmware to just pass a empty list. Check if first entry exist before running strchr to avoid null pointer dereference.

EPSS 0.05% · 15.3th percentile

Risk Scores

EPSS Score

0.05%

15.3th percentile

Affected Products

Vendor	Product	Versions
linux	linux_kernel	3.10, 3.10, 3.10
Linux	Linux	3.10, 0, 4.19.283

Timeline

Dec 30, 2025 CVE Published
Dec 31, 2025 EPSS Score
Dec 31, 2025 CVE Updated
Jan 3, 2026 EPSS Score
Jan 6, 2026 EPSS Score
Jan 9, 2026 EPSS Score
Jan 12, 2026 EPSS Score
Jan 14, 2026 EPSS Score
Jan 17, 2026 EPSS Score
Jan 20, 2026 EPSS Score
Jan 23, 2026 EPSS Score
Jan 26, 2026 EPSS Score

References

Open in Interactive Console →