CVE-2023-53456Buffer Access with Incorrect Length Value in Linux

CWE-805Buffer Access with Incorrect Length Value5 documents5 sources
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 97.44%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedOct 1

Description

In the Linux kernel, the following vulnerability has been resolved: scsi: qla4xxx: Add length check when parsing nlattrs There are three places that qla4xxx parses nlattrs: - qla4xxx_set_chap_entry() - qla4xxx_iface_set_param() - qla4xxx_sysfs_ddb_set_param() and each of them directly converts the nlattr to specific pointer of structure without length checking. This could be dangerous as those attributes are not validated and a malformed nlattr (e.g., length 0) could result in an OOB read

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages4 packages

NVDlinux/linux_kernel3.24.14.326+7
Debianlinux/linux_kernel< 5.10.197-1+3
CVEListV5linux/linux00c31889f7513e9ffa6b2b4de8ad6d7f59a61c80cfa6a1a79ed6d336fac7a5d87eb5471e4401829f+9
debiandebian/linux< linux 6.1.55-1 (bookworm)

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

2
GHSA
GHSA-vp46-h7c5-rj5w: In the Linux kernel, the following vulnerability has been resolved: scsi: qla4xxx: Add length check when parsing nlattrs There are three places that2025-10-01
OSV
CVE-2023-53456: In the Linux kernel, the following vulnerability has been resolved: scsi: qla4xxx: Add length check when parsing nlattrs There are three places that q2025-10-01

📋Vendor Advisories

2
Red Hat
kernel: scsi: qla4xxx: Add length check when parsing nlattrs2025-10-01
Debian
CVE-2023-53456: linux - In the Linux kernel, the following vulnerability has been resolved: scsi: qla4x...2023