CVE-2023-53476

Опубликовано: 01 окт. 2025

Источник: nvd

CVSS3: 5.5

EPSS Низкий

Описание

In the Linux kernel, the following vulnerability has been resolved:

iw_cxgb4: Fix potential NULL dereference in c4iw_fill_res_cm_id_entry()

This condition needs to match the previous "if (epcp->state == LISTEN) {" exactly to avoid a NULL dereference of either "listen_ep" or "ep". The problem is that "epcp" has been re-assigned so just testing "if (epcp->state == LISTEN) {" a second time is not sufficient.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 4.18 (включая) до 5.15.99 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 5.16 (включая) до 6.1.16 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 6.2 (включая) до 6.2.3 (исключая)

EPSS

Процентиль: 3%

0.00017

Низкий

5.5 Medium

CVSS3

Дефекты

CWE-476

Связанные уязвимости

CVE-2023-53476

CVSS3: 5.5

ubuntu

4 месяца назад

In the Linux kernel, the following vulnerability has been resolved: iw_cxgb4: Fix potential NULL dereference in c4iw_fill_res_cm_id_entry() This condition needs to match the previous "if (epcp->state == LISTEN) {" exactly to avoid a NULL dereference of either "listen_ep" or "ep". The problem is that "epcp" has been re-assigned so just testing "if (epcp->state == LISTEN) {" a second time is not sufficient.

CVE-2023-53476

CVSS3: 5.5

debian

4 месяца назад

In the Linux kernel, the following vulnerability has been resolved: i ...

GHSA-m68q-hxmp-jh9g

CVSS3: 5.5

github

4 месяца назад

SUSE-SU-2025:4189-1

suse-cvrf

2 месяца назад

Security update for the Linux Kernel

SUSE-SU-2025:03628-1

suse-cvrf

4 месяца назад

Security update for the Linux Kernel

EPSS

Процентиль: 3%

0.00017

Низкий

5.5 Medium

CVSS3

Дефекты

CWE-476