CVE-2023-54179

NONECVSS 0.0

0.0

In the Linux kernel, the following vulnerability has been resolved:

scsi: qla2xxx: Array index may go out of bound

Klocwork reports array 'vha->host_str' of size 16 may use index value(s) 16..19. Use snprintf() instead of sprintf().

CVSS v3: —
EG Score: 0.0(none)
EPSS: 12.6%
KEV: Not listed

Published

December 30, 2025

Last Modified

April 15, 2026

References (7)

416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/2b3bdef089b920b4a19fefb4f4e6dda56a4bb583
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/748d8f8698a2f48ffe32dd7b35dbab1810ed1f82
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/bcd773969a87d9802053c0db5be84abd6594a024
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/d721b591b95cf3f290f8a7cbe90aa2ee0368388d
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/e697f466bf61280b7e996c9ea096d7ec371c31ea
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/e934737e18ff069a66cd53cd7f7a0b34ae2c24fe
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/ea64c727f20123342020257cfa956fbfbd6d12ff

Patch Availability(3)

Vendor / Ecosystem	Fixed in / Patch	Released	Source
redhat	kernel-0:4.18.0-553.el8_10	2024-05-22	redhat
redhat	kernel-0:5.14.0-427.13.1.el9_4	2024-04-30	redhat
linux	Kernel @ 4.19.291	—	osv

Patches are aggregated from vendor advisories (Red Hat, Microsoft, Cisco, GitHub) and package ecosystems (OSV, GHSA). Multiple rows for the same upstream release have been deduplicated.

All Vendor Advisories

(2)

Every vendor that published an advisory referencing this CVE — pulled from our cve_vendor_advisories aggregation. Click any row for the vendor's original advisory page.

Data Freshness Timeline

(refreshed 10× in last 7d / 54× in last 30d)

Each row is a source pipeline that fetched or updated this CVE on that date, with what changed. For example, "NVD update" means NVD published or revised its analysis for this CVE; "MITRE cvelistV5" means we ingested or refreshed it from the CNA feed. Most recent first.

2026-06-12 23:11 UTCEPSS rescore
2026-06-11 13:59 UTCEPSS rescore
2026-06-10 22:17 UTCEPSS rescore
2026-06-10 13:21 UTCEPSS rescore
2026-06-08 14:16 UTCEPSS rescore
2026-06-08 14:16 UTCEPSS rescore
2026-06-07 15:24 UTCEPSS rescore
2026-06-07 15:24 UTCEPSS rescore
2026-06-06 13:46 UTCEPSS rescore
2026-06-06 13:46 UTCEPSS rescore
2026-06-05 22:46 UTCEPSS rescore
2026-06-05 22:46 UTCEPSS rescore
2026-06-05 06:09 UTCEPSS rescore
2026-06-05 06:09 UTCEPSS rescore
2026-06-04 13:11 UTCEPSS rescore
2026-06-04 13:11 UTCEPSS rescore
2026-06-02 20:12 UTCEPSS rescore
2026-06-02 20:12 UTCEPSS rescore
2026-06-01 21:11 UTCOSV refresh
2026-06-01 13:51 UTCEPSS rescore
2026-05-31 22:30 UTCEPSS rescore
2026-05-31 22:30 UTCEPSS rescore
2026-05-31 00:15 UTCEPSS rescore
2026-05-31 00:15 UTCEPSS rescore
2026-05-29 13:43 UTCEPSS rescore

Show 29 more

2026-05-28 13:44 UTCEPSS rescore
2026-05-28 13:44 UTCEPSS rescore
2026-05-27 13:40 UTCEPSS rescore
2026-05-27 13:39 UTCEPSS rescore
2026-05-26 13:43 UTCEPSS rescore
2026-05-26 13:43 UTCEPSS rescore
2026-05-26 07:18 UTCEPSS rescore
2026-05-26 07:18 UTCEPSS rescore
2026-05-22 21:16 UTCEPSS rescore
2026-05-22 21:16 UTCEPSS rescore
2026-05-22 21:16 UTCEPSS rescore
2026-05-22 21:16 UTCEPSS rescore
2026-05-22 21:16 UTCEPSS rescore
2026-05-21 01:44 UTCEG score recompute
2026-05-21 01:44 UTCVendor advisory
2026-05-21 01:44 UTCGHSA enrichment
2026-05-20 22:37 UTCEPSS rescore
2026-05-20 22:37 UTCEPSS rescore
2026-05-20 22:37 UTCEPSS rescore
2026-05-20 22:37 UTCEPSS rescore
2026-05-20 11:21 UTCEPSS rescore
2026-05-20 11:21 UTCEPSS rescore
2026-05-20 11:21 UTCEPSS rescore
2026-05-20 11:21 UTCEPSS rescore
2026-05-20 11:21 UTCEPSS rescore
2026-05-18 21:30 UTCEPSS rescore
2026-05-18 21:30 UTCEPSS rescore
2026-05-18 21:30 UTCEPSS rescore
2026-05-18 21:30 UTCEPSS rescore

Frequently asked(4)

What is CVE-2023-54179?

CVE-2023-54179 is a none vulnerability published on December 30, 2025. In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Array index may go out of bound Klocwork reports array 'vha->host_str' of size 16 may use index value(s) 16..19. Use snprintf() instead of sprintf().

When was CVE-2023-54179 disclosed?

CVE-2023-54179 was first published in the National Vulnerability Database on December 30, 2025, with the most recent update on April 15, 2026. EchelonGraph re-ingests CVE updates from NVD on a 2-hour cycle, so this page reflects the latest published state.

Is CVE-2023-54179 actively exploited?

CVE-2023-54179 is not currently on CISA's Known Exploited Vulnerabilities catalog. FIRST EPSS estimates a 12.6% percentile likelihood of exploitation in the next 30 days — higher percentiles indicate greater predicted risk.

How do I remediate CVE-2023-54179?

Patch to the fixed version published by the affected vendor. Where vendor advisories exist for CVE-2023-54179, EchelonGraph cross-links them in the Vendor Advisories panel below — those typically contain the canonical remediation steps, fixed version numbers, and any vendor-specific mitigations.

Dependency Blast Radius

See which npm, PyPI, Go, and Maven packages are affected by CVE-2023-54179

Explore →

Is Your Infrastructure Affected by CVE-2023-54179?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs