CVE-2023-53062

Published May 2, 2025

Last updated 6 months ago

CVSS medium 5.5

Overview

Description: In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc95xx: Limit packet length to skb->len Packet length retrieved from descriptor may be larger than the actual socket buffer length. In such case the cloned skb passed up the network stack will leak kernel memory contents.
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
NVD status: Analyzed
Products: linux_kernel

Risk scores

CVSS 3.1

Type: Primary
Base score: 5.5
Impact score: 3.6
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Severity: MEDIUM

Weaknesses

nvd@nist.gov: CWE-401

Hype score: Not currently trending

CVE-2023-53062 In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc95xx: Limit packet length to skb->len Packet length retrieved from descriptor may … https://t.co/JfBtHH0ZSO
@CVEnew
2 May 2025
261 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes

Configurations

[
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "0DDD2FC8-57E0-492D-8A41-083F1655F11B",
            "versionEndExcluding": "4.14.312",
            "versionStartIncluding": "2.6.28",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "B8449DA5-0637-406C-99C3-84AF4CB5F3EB",
            "versionEndExcluding": "4.19.280",
            "versionStartIncluding": "4.15",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "2C5F51A3-AEBF-4E51-AA58-D8C8B4554A86",
            "versionEndExcluding": "5.4.240",
            "versionStartIncluding": "4.20",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "9FED8369-E7A1-48C6-9700-6ADEDEC371F7",
            "versionEndExcluding": "5.10.177",
            "versionStartIncluding": "5.5",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "0888AE70-CB0A-45C0-B9BD-A5371244C8DB",
            "versionEndExcluding": "5.15.105",
            "versionStartIncluding": "5.11",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "642B6F99-95C6-47F5-A9B1-5C45FE08CAD0",
            "versionEndExcluding": "6.1.22",
            "versionStartIncluding": "5.16",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "914F22DD-1E6F-4B0A-A14D-3A9F068F6761",
            "versionEndExcluding": "6.2.9",
            "versionStartIncluding": "6.2",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:6.3:rc1:*:*:*:*:*:*",
            "matchCriteriaId": "B8E3B0E8-FA27-4305-87BB-AF6C25B160CB",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:6.3:rc2:*:*:*:*:*:*",
            "matchCriteriaId": "A47F0FC3-CE52-4BA1-BA51-22F783938431",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:6.3:rc3:*:*:*:*:*:*",
            "matchCriteriaId": "3583026A-27EC-4A4C-850A-83F2AF970673",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

Related CVEs

References