PT-2025-40745 · Linux+4 · Linux Kernel+4

Published

2023-01-16

Updated

2026-02-10

CVE-2023-53582

CVSS v2.0

6.0

Medium

Vector

AV:L/AC:H/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.14.0+ #132

Description A stack-out-of-bounds read issue exists in the brcmfmac component of the Linux kernel. This occurs when a CLM version string, which is not null-terminated, is passed as an argument to the strreplace() function within brcmf c preinit dcmds(). The issue is triggered when the buffer is filled with a CLM version string by memcpy() in brcmf fil iovar data get(). This can lead to a system crash. The issue was discovered through a modified version of syzkaller.

Recommendations Update to a version after 5.14.0+ #132.

Exploit

Fix

Out of bounds Read

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125CWE-476

Related Identifiers

ALSA-2025_16880

BDU:2026-01525

CESA-2023_7077

CVE-2023-53582

OESA-2025-2659

RHSA-2023:6583

RHSA-2023:7077

RHSA-2023_6583

RHSA-2023_7077

SUSE-SU-2025:4111-1

SUSE-SU-2025:4139-1

SUSE-SU-2025:4149-1

SUSE-SU-2025:4189-1

SUSE-SU-2025:4320-1

Affected Products

Centos

Linux Kernel

Red Hat

Suse

Brcmfmac

PT-2025-40745 · Linux+4 · Linux Kernel+4

CVE-2023-53582

Weakness Enumeration

Related Identifiers

Affected Products

References · 652