CVE-2023-54284

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description An issue exists in the Linux kernel related to the av7110 driver, specifically within the write ts to decoder() function. The buf[4] value, originating from user input through the ts play() function, is used in a length calculation for av7110 ipack instant repack(). Without proper bounds checking, this calculation could result in a negative length value, potentially leading to an underflow. The fix introduces a check to ensure the calculated length is not negative. The unnecessary "if (!len)" condition was also removed as a result of the bounds checking.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.