PT-2025-40226 · Linux+2 · Linux Kernel+2

Published: 2023-04-17 · Updated: 2026-02-06 · CVE-2023-53519

CVSS v2.0: 6.0 (Medium)

Vector: AV:L/AC:H/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: A flaw exists in the Linux kernel's v4l2-mem2mem subsystem related to insufficient locking protection of the num_rdy parameter. This can lead to data races when accessing this parameter within the v4l2_m2m_num_src_bufs_ready and v4l2_m2m_num_dst_bufs_ready functions, as identified by Kernel Concurrency Sanitizer (KCSAN) testing. The issue manifests as a data race within the v4l2_m2m_buf_queue function.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Locking

RCE

Weakness Enumeration

Related Identifiers

ALSA-2025_16880
BDU:2025-12907
CVE-2023-53519
OESA-2026-1306
RHSA-2025:6966
SUSE-SU-2025:03600-1
SUSE-SU-2025:03615-1
SUSE-SU-2025:03628-1
SUSE-SU-2025:03634-1
SUSE-SU-2025:20851-1
SUSE-SU-2025:20861-1
SUSE-SU-2025:20870-1
SUSE-SU-2025:20898-1
SUSE-SU-2025:3716-1
SUSE-SU-2025:3751-1
SUSE-SU-2025:3761-1
SUSE-SU-2025:4057-1
SUSE-SU-2025:4132-1
SUSE-SU-2025:4141-1
SUSE-SU-2025:4189-1

Affected Products

Linux Kernel
Red Hat
Suse