CVE-2023-54279
CVE-2023-54279 concerns the Linux kernel MIPS fw handling when firmware passes an empty environment. The issue arises in fw_getenv, which uses an env entry to determine the style of env data; firmware may supply an empty list, risking a null pointer dereference if code path assumes a non-empty fi...