CVE-2023-54248 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add check for kmemdup Since the kmemdup may return NULL pointer, it should be better to add check for the return value in order to avoid NULL pointer dereference.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/7898db22ed6cee909513cf4935b5f9f0298b74f0
https://git.kernel.org/stable/c/952bbfcedbf895963509861e55a6e4fc105eb842
https://git.kernel.org/stable/c/9f36704a58adade3b0216f8a3fa5503db4517208
https://git.kernel.org/stable/c/cdcdfd57f4c701f832787da1309cc6687917d783
https://git.kernel.org/stable/c/e6c3cef24cb0d045f99d5cb039b344874e3cfd74

History

Tue, 30 Dec 2025 12:30:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add check for kmemdup Since the kmemdup may return NULL pointer, it should be better to add check for the return value in order to avoid NULL pointer dereference.
Title		fs/ntfs3: Add check for kmemdup
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/7898db22ed6cee909513cf4935b5f9f0298b74f0 https://git.kernel.org/stable/c/952bbfcedbf895963509861e55a6e4fc105eb842 https://git.kernel.org/stable/c/9f36704a58adade3b0216f8a3fa5503db4517208 https://git.kernel.org/stable/c/cdcdfd57f4c701f832787da1309cc6687917d783 https://git.kernel.org/stable/c/e6c3cef24cb0d045f99d5cb039b344874e3cfd74

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-12-30T12:15:46.091Z

Updated: 2025-12-30T12:15:46.091Z

Reserved: 2025-12-30T12:06:44.514Z

Link: CVE-2023-54248

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-12-30T13:16:13.440

Modified: 2025-12-30T13:16:13.440

Link: CVE-2023-54248

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2023-54248", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-12-30T12:06:44.514Z", "datePublished": "2025-12-30T12:15:46.091Z", "dateUpdated": "2025-12-30T12:15:46.091Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-12-30T12:15:46.091Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/ntfs3: Add check for kmemdup\n\nSince the kmemdup may return NULL pointer,\nit should be better to add check for the return value\nin order to avoid NULL pointer dereference."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/ntfs3/fslog.c"], "versions": [{"version": "b46acd6a6a627d876898e1c84d3f84902264b445", "lessThan": "952bbfcedbf895963509861e55a6e4fc105eb842", "status": "affected", "versionType": "git"}, {"version": "b46acd6a6a627d876898e1c84d3f84902264b445", "lessThan": "7898db22ed6cee909513cf4935b5f9f0298b74f0", "status": "affected", "versionType": "git"}, {"version": "b46acd6a6a627d876898e1c84d3f84902264b445", "lessThan": "9f36704a58adade3b0216f8a3fa5503db4517208", "status": "affected", "versionType": "git"}, {"version": "b46acd6a6a627d876898e1c84d3f84902264b445", "lessThan": "cdcdfd57f4c701f832787da1309cc6687917d783", "status": "affected", "versionType": "git"}, {"version": "b46acd6a6a627d876898e1c84d3f84902264b445", "lessThan": "e6c3cef24cb0d045f99d5cb039b344874e3cfd74", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/ntfs3/fslog.c"], "versions": [{"version": "5.15", "status": "affected"}, {"version": "0", "lessThan": "5.15", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.111", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.28", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.2.15", "lessThanOrEqual": "6.2.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.3.2", "lessThanOrEqual": "6.3.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.4", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.15", "versionEndExcluding": "5.15.111"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.15", "versionEndExcluding": "6.1.28"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.15", "versionEndExcluding": "6.2.15"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.15", "versionEndExcluding": "6.3.2"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.15", "versionEndExcluding": "6.4"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/952bbfcedbf895963509861e55a6e4fc105eb842"}, {"url": "https://git.kernel.org/stable/c/7898db22ed6cee909513cf4935b5f9f0298b74f0"}, {"url": "https://git.kernel.org/stable/c/9f36704a58adade3b0216f8a3fa5503db4517208"}, {"url": "https://git.kernel.org/stable/c/cdcdfd57f4c701f832787da1309cc6687917d783"}, {"url": "https://git.kernel.org/stable/c/e6c3cef24cb0d045f99d5cb039b344874e3cfd74"}], "title": "fs/ntfs3: Add check for kmemdup", "x_generator": {"engine": "bippy-1.2.0"}}}}