CVE-2023-53168 — NULL Pointer Dereference in Linux
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 97.72%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedSep 15
Description
In the Linux kernel, the following vulnerability has been resolved:
usb: ucsi_acpi: Increase the command completion timeout
Commit 130a96d698d7 ("usb: typec: ucsi: acpi: Increase command
completion timeout value") increased the timeout from 5 seconds
to 60 seconds due to issues related to alternate mode discovery.
After the alternate mode discovery switch to polled mode
the timeout was reduced, but instead of being set back to
5 seconds it was reduced to 1 second.
This is causing problems wh…
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6
Affected Packages5 packages
▶CVEListV5linux/linuxe08065069fc7b074712378a95a3522d557e9bbe1 — 1e8525f37871741a52370627633962f8bdcab15a+3
Patches
🔴Vulnerability Details
5OSV▶
CVE-2023-53168: In the Linux kernel, the following vulnerability has been resolved: usb: ucsi_acpi: Increase the command completion timeout Commit 130a96d698d7 ("usb:↗2025-09-15
GHSA▶
GHSA-mhq5-fgp5-4gpg: In the Linux kernel, the following vulnerability has been resolved:
usb: ucsi_acpi: Increase the command completion timeout
Commit 130a96d698d7 ("us↗2025-09-15