CVE-2023-54054

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a flaw within the qla2xxx SCSI driver that can lead to a buffer overrun. The issue stems from an incorrect buffer size calculation during the use of the fc els flogi function, resulting in a potential array index out of bounds write. The driver uses fc els flogi to determine the buffer size, but the actual buffer nested within fc els flogi is smaller than expected. This is addressed by correcting the structure name to enable accurate size calculation.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.