CVE-2023-54282

Summary

In the Linux kernel, the following vulnerability has been resolved:

media: tuners: qt1010: replace BUG_ON with a regular error

BUG_ON is unnecessary here, and in addition it confuses smatch. Replacing this with an error return help resolve this smatch warning:

drivers/media/tuners/qt1010.c:350 qt1010_init() error: buffer overflow 'i2c_data' 34 <= 34

Affected Software

VendorProductVersion RangeStatus
LinuxLinux4682b58e5af01ee856a706083eac71238fb69cd0 < 6cae780862d221106626b2b5fb21a197f398c6ecaffected
LinuxLinux4682b58e5af01ee856a706083eac71238fb69cd0 < f844bc3a47d8d1c55a4a9cfca38c538e9df7e678affected
LinuxLinux4682b58e5af01ee856a706083eac71238fb69cd0 < 641e60223971e95472a2a9646b1e7f94d441de45affected
LinuxLinux4682b58e5af01ee856a706083eac71238fb69cd0 < 2ae53dd15eef90d34fc084b5b2305a67bb675a26affected
LinuxLinux4682b58e5af01ee856a706083eac71238fb69cd0 < 48bb6a9fa5cb150ac2a22b3c779c96bc0ed21071affected
LinuxLinux4682b58e5af01ee856a706083eac71238fb69cd0 < 257092cb544c7843376b3e161f789e666ef06c98affected
LinuxLinux4682b58e5af01ee856a706083eac71238fb69cd0 < 1a6bf53fffe0b7ebe2a0f402b44f14f90cffd164affected
LinuxLinux4682b58e5af01ee856a706083eac71238fb69cd0 < ee630b29ea44d1851bb6c903f400956604834463affected
LinuxLinux4.2affected
LinuxLinux0 < 4.2unaffected
LinuxLinux4.14.326 <= 4.14.*unaffected
LinuxLinux4.19.295 <= 4.19.*unaffected
LinuxLinux5.4.257 <= 5.4.*unaffected
LinuxLinux5.10.197 <= 5.10.*unaffected
LinuxLinux5.15.133 <= 5.15.*unaffected
LinuxLinux6.1.55 <= 6.1.*unaffected
LinuxLinux6.5.5 <= 6.5.*unaffected
LinuxLinux6.6 <= *unaffected

Weaknesses

References