VYPR
Unrated severity · NVD Advisory · Published Dec 24, 2025 · Updated Apr 15, 2026

CVE-2023-54066

Description

In the Linux kernel, the following vulnerability has been resolved:

media: dvb-usb-v2: gl861: Fix null-ptr-deref in gl861_i2c_master_xfer

In gl861_i2c_master_xfer, msg is controlled by user. When msg[i].buf is null and msg[i].len is zero, former checks on msg[i].buf would be passed. Malicious data finally reach gl861_i2c_master_xfer. If accessing msg[i].buf[0] without sanity check, null ptr deref would happen. We add check on msg[i].len to prevent crash.

Similar commit: commit 0ed554fd769a ("media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()")

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Null pointer dereference in Linux kernel's gl861 I2C driver allows local users to crash the system via crafted I2C messages.

Vulnerability

In the Linux kernel's DVB USB driver for gl861, the function gl861_i2c_master_xfer lacks a sanity check on msg[i].len. When a user-controlled I2C message has a null buf and zero len, earlier checks on buf are bypassed, leading to a null pointer dereference when accessing msg[i].buf[0] [1][2].
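The missing length check, modelled in user space as an added example (not the kernel driver's code or the actual patch). `demo_i2c_msg`, `demo_xfer` and the two helper functions are hypothetical names, the inputs are constructed, and the `-EOPNOTSUPP` return value is this example's assumption.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified stand-in for the kernel's struct i2c_msg (constructed for this example). */
struct demo_i2c_msg {
    uint16_t addr;
    uint16_t len;  /* number of bytes in buf */
    uint8_t *buf;  /* can be NULL when len is 0 */
};

/* Hypothetical handler: byte 0 of each message is used as a register index,
 * so each message needs len >= 1. Returns num on success or a negative errno. */
int demo_xfer(const struct demo_i2c_msg *msg, int num, uint8_t *last_reg)
{
    if (msg == NULL || num <= 0 || last_reg == NULL)
        return -EINVAL;
    /* Validate every message before any buffer is touched. */
    for (int i = 0; i < num; i++)
        if (msg[i].len < 1 || msg[i].buf == NULL)
            return -EOPNOTSUPP;  /* error code is this example's choice */
    for (int i = 0; i < num; i++)
        *last_reg = msg[i].buf[0];  /* safe: len >= 1 and buf != NULL */
    return num;
}

/* Constructed input: NULL buffer with zero length, the case from the description. */
int demo_empty_msg_result(void)
{
    struct demo_i2c_msg m = { .addr = 0x50, .len = 0, .buf = NULL };
    uint8_t reg = 0;
    return demo_xfer(&m, 1, &reg);
}

/* Constructed input: one-byte message; returns the register byte read, or errno. */
int demo_valid_msg_result(void)
{
    uint8_t data[1] = { 0x2a };
    struct demo_i2c_msg m = { .addr = 0x50, .len = 1, .buf = data };
    uint8_t reg = 0;
    int ret = demo_xfer(&m, 1, &reg);
    return ret == 1 ? reg : ret;
}

int main(void)
{
    printf("empty: %d, valid: 0x%02x\n", demo_empty_msg_result(), (unsigned)demo_valid_msg_result());
    return 0;
}
```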

Exploitation

An attacker with local access to the system can send malicious I2C messages through the DVB USB device interface. No special privileges beyond the ability to interact with the device are required [1].

Impact

Successful exploitation results in a kernel crash (denial of service). The vulnerability does not appear to allow privilege escalation or arbitrary code execution based on the available information [2].

Mitigation

The fix has been backported to stable kernel trees. Users should update their Linux kernel to a version containing the commit that adds the missing length check [1][2].

AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products: 1

Patches: 5

References: 5
