Security Advisory

CVE-2023-54279

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-30 12:16:07
Last updated 2026-05-11 19:58:54
Assigner Linux
State PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: MIPS: fw: Allow firmware to pass a empty env fw_getenv will use env entry to determine style of env, however it is legal for firmware to just pass a empty list. Check if first entry exist before running strchr to avoid null pointer dereference.