CVE-2023-53465

Опубликовано: 01 окт. 2025

Источник: nvd

CVSS3: 7.1

EPSS Низкий

Описание

In the Linux kernel, the following vulnerability has been resolved:

soundwire: qcom: fix storing port config out-of-bounds

The 'qcom_swrm_ctrl->pconfig' has size of QCOM_SDW_MAX_PORTS (14), however we index it starting from 1, not 0, to match real port numbers. This can lead to writing port config past 'pconfig' bounds and overwriting next member of 'qcom_swrm_ctrl' struct. Reported also by smatch:

drivers/soundwire/qcom.c:1269 qcom_swrm_get_port_config() error: buffer overflow 'ctrl->pconfig' 14 <= 14

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 5.13 (включая) до 5.15.121 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 5.16 (включая) до 6.1.40 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 6.2 (включая) до 6.4.5 (исключая)

EPSS

Процентиль: 6%

0.00023

Низкий

7.1 High

CVSS3

Дефекты

CWE-125

Связанные уязвимости

CVE-2023-53465

CVSS3: 7.1

ubuntu

4 месяца назад

In the Linux kernel, the following vulnerability has been resolved: soundwire: qcom: fix storing port config out-of-bounds The 'qcom_swrm_ctrl->pconfig' has size of QCOM_SDW_MAX_PORTS (14), however we index it starting from 1, not 0, to match real port numbers. This can lead to writing port config past 'pconfig' bounds and overwriting next member of 'qcom_swrm_ctrl' struct. Reported also by smatch: drivers/soundwire/qcom.c:1269 qcom_swrm_get_port_config() error: buffer overflow 'ctrl->pconfig' 14 <= 14

CVE-2023-53465

CVSS3: 7.1

debian

4 месяца назад

In the Linux kernel, the following vulnerability has been resolved: s ...

GHSA-qhgr-vhx2-3qm4

CVSS3: 7.1

github

4 месяца назад

SUSE-SU-2025:03628-1

suse-cvrf

4 месяца назад

Security update for the Linux Kernel

SUSE-SU-2025:3751-1

suse-cvrf

4 месяца назад

Security update for the Linux Kernel

EPSS

Процентиль: 6%

0.00023

Низкий

7.1 High

CVSS3

Дефекты

CWE-125