PT-2025-41123 · Linux+4 · Linux Kernel+4

Published 2023-01-16 · Updated 2025-12-04 · CVE-2023-53679

CVSS v2.0: 6.0 Medium

Vector: AV:L/AC:H/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 5.14.0+

Description

An integer underflow issue exists in the Linux kernel's mt7601u driver, specifically within the 'mt7601u_rx_skb_from_seg()' function. This underflow can occur due to manipulation of the dma_len variable in a URB packet, leading to a bypass of 'bad frame' checks and ultimately a null pointer dereference when accessing the pointer p. The issue was identified using a modified version of syzkaller.

Recommendations

Update the Linux kernel to a version newer than 5.14.0+.

Exploit

Fix

Integer Underflow

NULL Pointer Dereference

Weakness Enumeration

Related Identifiers

ALSA-2025_16880
BDU:2026-01530
CVE-2023-53679
RHSA-2023:6583
RHSA-2023:7077
SUSE-SU-2025:4111-1
SUSE-SU-2025:4139-1
SUSE-SU-2025:4149-1
SUSE-SU-2025:4320-1

Affected Products

Centos
Linux Kernel
Red Hat
Suse
Mt7601U