PT-2025-49491 · Linux+2 · Linux Kernel+2

Published 2023-05-13 · Updated 2026-02-24 · CVE-2023-53761

CVSS v2.0: 6.0 Medium

Vector: AV:L/AC:H/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 6.3.0-syzkaller-12049-g58390c8ce1bd

Description

The Linux kernel usbtmc driver did not check the direction of 0-length ioctl control messages, which causes problems when a user submits an ioctl for a 0-length control transfer. The syzbot fuzzer identified the problem as a BOGUS control direction error during USB communication. The error is raised in the `usb_submit_urb` function when it handles control requests. The fix overrides the direction in the `bRequestType` field of the control request structure when the length is 0.
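The following user-space C model is an added illustration, not the kernel's or the driver's own code. It shows why a 0-length request with the IN bit set trips the direction check and how clearing that bit resolves it. The struct, the function names and the sample request values are constructed for this example, and the check is a simplified assumption of what the USB core enforces.

```c
#include <stdint.h>
#include <stdio.h>

#define USB_DIR_IN 0x80 /* bit 7 of bRequestType: device-to-host */

/* Hypothetical stand-in for the two setup-packet fields involved. */
struct ctrl_req {
    uint8_t  bRequestType;
    uint16_t wLength;
};

/* Simplified model of the submit-time check: a control transfer with no
 * data stage counts as OUT, so the pipe must be OUT as well.
 * Returns 1 when pipe and setup packet agree, 0 for the BOGUS case. */
static int direction_consistent(const struct ctrl_req *req, int pipe_is_in)
{
    int setup_is_out = !(req->bRequestType & USB_DIR_IN) || req->wLength == 0;
    return (!pipe_is_in) == setup_is_out;
}

/* Before the fix: pipe direction is taken straight from bRequestType. */
static int submit_unpatched(struct ctrl_req req)
{
    int is_in = (req.bRequestType & USB_DIR_IN) != 0;
    return direction_consistent(&req, is_in);
}

/* After the fix: a 0-length request has its IN bit cleared first. */
static int submit_patched(struct ctrl_req req)
{
    if (req.wLength == 0)
        req.bRequestType &= (uint8_t)~USB_DIR_IN;
    int is_in = (req.bRequestType & USB_DIR_IN) != 0;
    return direction_consistent(&req, is_in);
}

int main(void)
{
    /* Constructed requests: IN with no data, IN with 8 bytes of data. */
    struct ctrl_req zero_in = { 0xA1, 0 }, data_in = { 0xA1, 8 };

    printf("0-length IN, unpatched: %s\n", submit_unpatched(zero_in) ? "ok" : "BOGUS");
    printf("0-length IN, patched:   %s\n", submit_patched(zero_in) ? "ok" : "BOGUS");
    printf("8-byte IN,   patched:   %s\n", submit_patched(data_in) ? "ok" : "BOGUS");
    return 0;
}
```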
Recommendations

Update to version 6.3.0-syzkaller-12049-g58390c8ce1bd or a later version to address this issue.

Weakness Enumeration

Related Identifiers

BDU:2026-01267
CVE-2023-53761
RHSA-2024:2394
RHSA-2024:3138
SUSE-SU-2026:0263-1
SUSE-SU-2026:0317-1
SUSE-SU-2026:0350-1
SUSE-SU-2026:0369-1
SUSE-SU-2026:0411-1
SUSE-SU-2026:0617-1

Affected Products

CentOS
Linux Kernel
Red Hat