PT-2025-41110 · Linux+4 · Linux Kernel+4

Published

2023-07-04

Updated

2025-11-28

CVE-2023-53666

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description An issue exists in the Linux kernel related to error handling during MBHC (Memory Block Handling Controller) initialization within the wcd938x codec. Specifically, the initialization process can fail, potentially leading to a dereference of an error pointer when configuring the jack. This can result in a kernel paging request. The functions involved include wcd mbhc start, wcd938x codec set jack, snd soc component set jack, qcom snd wcd jack setup, sc8280xp snd init, snd soc link init, snd soc bind card, snd soc register card, and devm snd soc register card.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Access of Uninitialized Pointer

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-703CWE-824

Related Identifiers

BDU:2026-04107

CVE-2023-53666

RHSA-2024:2394

SUSE-SU-2025:21040-1

SUSE-SU-2025:21052-1

SUSE-SU-2025:21056-1

SUSE-SU-2025:21064-1

SUSE-SU-2025:4057-1

SUSE-SU-2025:4128-1

SUSE-SU-2025:4132-1

SUSE-SU-2025:4140-1

SUSE-SU-2025:4141-1

SUSE-SU-2025:4301-1

Affected Products

Linux Kernel

Red Hat

Suse

Sc8280Xp

Wcd938X Codec

PT-2025-41110 · Linux+4 · Linux Kernel+4

CVE-2023-53666

Weakness Enumeration

Related Identifiers

Affected Products

References · 1014