PT-2025-40172 · Linux+4 · Linux Kernel+4

Publicado

2023-06-01

Atualizado

2025-11-19

CVE-2023-53465

CVSS v3.1

7.1

Alta

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the Linux kernel related to soundwire Qualcomm configurations. Specifically, the qcom swrm ctrl->pconfig buffer can experience an out-of-bounds write due to indexing starting from 1 instead of 0. This can lead to overwriting adjacent memory within the qcom swrm ctrl structure. The issue was reported by smatch in the qcom swrm get port config() function within the drivers/soundwire/qcom.c file.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Out of bounds Read

Memory Corruption

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-125CWE-188CWE-787

Identificadores relacionados

ALSA-2025_16880

BDU:2026-03354

CVE-2023-53465

RHSA-2024:2394

RHSA-2024_2394

SUSE-SU-2025:03600-1

SUSE-SU-2025:03615-1

SUSE-SU-2025:03628-1

SUSE-SU-2025:03634-1

SUSE-SU-2025:20851-1

SUSE-SU-2025:20861-1

SUSE-SU-2025:20870-1

SUSE-SU-2025:20898-1

SUSE-SU-2025:3716-1

SUSE-SU-2025:3751-1

SUSE-SU-2025:3761-1

SUSE-SU-2025:4057-1

SUSE-SU-2025:4132-1

SUSE-SU-2025:4141-1

Produtos afetados

Astra Linux

Linux Kernel

Qualcomm

Red Hat

Suse

PT-2025-40172 · Linux+4 · Linux Kernel+4

CVE-2023-53465

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 2008