PT-2025-40172 · Linux+4 · Linux Kernel+4

Published

2023-06-01

Updated

2025-11-19

CVE-2023-53465

CVSS v3.1

7.1

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the Linux kernel related to soundwire Qualcomm configurations. Specifically, the qcom swrm ctrl->pconfig buffer can experience an out-of-bounds write due to indexing starting from 1 instead of 0. This can lead to overwriting adjacent memory within the qcom swrm ctrl structure. The issue was reported by smatch in the qcom swrm get port config() function within the drivers/soundwire/qcom.c file.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Out of bounds Read

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125CWE-188CWE-787

Related Identifiers

ALSA-2025_16880

BDU:2026-03354

CVE-2023-53465

RHSA-2024:2394

RHSA-2024_2394

SUSE-SU-2025:03600-1

SUSE-SU-2025:03615-1

SUSE-SU-2025:03628-1

SUSE-SU-2025:03634-1

SUSE-SU-2025:20851-1

SUSE-SU-2025:20861-1

SUSE-SU-2025:20870-1

SUSE-SU-2025:20898-1

SUSE-SU-2025:3716-1

SUSE-SU-2025:3751-1

SUSE-SU-2025:3761-1

SUSE-SU-2025:4057-1

SUSE-SU-2025:4132-1

SUSE-SU-2025:4141-1

Affected Products

Astra Linux

Linux Kernel

Qualcomm

Red Hat

Suse

PT-2025-40172 · Linux+4 · Linux Kernel+4

CVE-2023-53465

Weakness Enumeration

Related Identifiers

Affected Products

References · 2008