Vulnerability Lookup

🛡️ CVE-2023-54198

⚪ Unknown ✅ No Known Exploit NVD

N/A

CVSS Score

0 Low4 Medium7 High9 Critical10

Description

In the Linux kernel, the following vulnerability has been resolved: tty: fix out-of-bounds access in tty_driver_lookup_tty() When specifying an invalid console= device like console=tty3270, tty_driver_lookup_tty() returns the tty struct without checking whether index is a valid number. To reproduce: qemu-system-x86_64 -enable-kvm -nographic -serial mon:stdio \ -kernel ../linux-build-x86/arch/x86/boot/bzImage \ -append "console=ttyS0 console=tty3270" This crashes with: [ 0.770599] BUG: kernel NULL pointer dereference, address: 00000000000000ef [ 0.771265] #PF: supervisor read access in kernel mode [ 0.771773] #PF: error_code(0x0000) - not-present page [ 0.772609] Oops: 0000 [#1] PREEMPT SMP PTI [ 0.774878] RIP: 0010:tty_open+0x268/0x6f0 [ 0.784013] chrdev_open+0xbd/0x230 [ 0.784444] ? cdev_device_add+0x80/0x80 [ 0.784920] do_dentry_open+0x1e0/0x410 [ 0.785389] path_openat+0xca9/0x1050 [ 0.785813] do_filp_open+0xaa/0x150 [ 0.786240] file_open_name+0x133/0x1b0 [ 0.786746] filp_open+0x27/0x50 [ 0.787244] console_on_rootfs+0x14/0x4d [ 0.787800] kernel_init_freeable+0x1e4/0x20d [ 0.788383] ? rest_init+0xc0/0xc0 [ 0.788881] kernel_init+0x11/0x120 [ 0.789356] ret_from_fork+0x22/0x30

Details

Severity Unknown

CVSS Score N/A

CVSS Vector N/A

CWE N/A

Public Exploit ✅ No

Source NVD

Published 2025-12-30

Updated 2026-06-08

Modified 2026-04-02

Fix URL N/A

Affected Packages

Software	From version	Fixed in
kernel	6.2.0	6.2.5
unknown	—	—

References

WEB https://git.kernel.org/stable/c/3df6f492f500a16c231f07ccc6f6ed1302caddf9

WEB https://git.kernel.org/stable/c/765566110eb0da3cf60198b0165ecceeaafa6444

WEB https://git.kernel.org/stable/c/84ea44dc3e4ecb2632586238014bf6722aa5843b

WEB https://git.kernel.org/stable/c/953a4a352a0c185460ae1449e4c6e6658e55fdfc

WEB https://git.kernel.org/stable/c/b79109d6470aaae7062998353e3a19449055829d

WEB https://git.kernel.org/stable/c/db4df8e9d79e7d37732c1a1b560958e8dadfefa1

WEB https://git.kernel.org/stable/c/f9d9d25ad1f0d060eaf297a2f7f03b5855a45561

WEB https://git.kernel.org/stable/c/fcfeaa570f7a5c2d5f4f14931909531ff18b7fde

ADVISORY https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/54xxx/CVE-2023-54198.json

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2023-54198

PACKAGE https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

🔗 NVD 🔗 Mitre

Similar Threats

Unknown ALSA-2023:2458
Unknown ALSA-2023:1703
Unknown ALSA-2023:1566
Unknown ALSA-2023:1470
Unknown ALSA-2023:0951

Patch Gap Protection

Running software with known vulnerabilities?

BotEraser can help reduce exposure by blocking IPs associated with exploit activity — even before a patch is available.

Start Free →

No credit card required · Results in minutes

ⓘ Data Notice: The information presented above has been compiled from publicly available internet sources. Boteraser aggregates this data solely for informational purposes and does not independently classify, evaluate, or endorse any findings about the vulnerabilities listed. The accuracy and completeness of this information is the sole responsibility of the original publishers. Boteraser and its operators accept no liability for any decisions made based on this data.

Running software with known vulnerabilities?

Company

Resources

Services

Trusted

Subscribe