CVE-2023-53847

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.3.0-rc7+

Description The usb-storage alauda subdriver contains a flaw where alauda check media() does not verify successful USB transfers before utilizing the received data. This can lead to access of uninitialized values. A similar issue exists in alauda get media status(). Additionally, alauda check media() performs Direct Memory Access (DMA) to a buffer on the stack, while a DMA-able buffer is provided by usb-storage for such operations.

Recommendations Update to version 5.3.0-rc7+ or later.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2023-53847

OESA-2026-1306

RHSA-2024:2394

RHSA-2024:7000

SUSE-SU-2026:0263-1

SUSE-SU-2026:0278-1

SUSE-SU-2026:0281-1

SUSE-SU-2026:0293-1

SUSE-SU-2026:0315-1

SUSE-SU-2026:0316-1

SUSE-SU-2026:0317-1

SUSE-SU-2026:0411-1

SUSE-SU-2026:0617-1

SUSE-SU-2026:20477-1

SUSE-SU-2026:20498-1

SUSE-SU-2026:20845-1

SUSE-SU-2026:20876-1

Affected Products

Centos

Linux Kernel

Red Hat

CVE-2023-53847

Related Identifiers

Affected Products

References · 2263