CVE-2023-53703: Incorrect Bitwise Shift of Integer in Linux

Severity: 4.7 MEDIUM (No vector)
EPSS: 0.0% (top 93.65%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Oct 22

Description

In the Linux kernel, the following vulnerability has been resolved:

HID: amd_sfh: Fix for shift-out-of-bounds

Shift operation of 'exp' and 'shift' variables exceeds the maximum number of shift values in the u32 range leading to UBSAN shift-out-of-bounds.

...
[ 6.120512] UBSAN: shift-out-of-bounds in drivers/hid/amd-sfh-hid/sfh1_1/amd_sfh_desc.c:149:50
[ 6.120598] shift exponent 104 is too large for 64-bit type 'long unsigned int'
[ 6.120659] CPU: 4 PID: 96 Comm: kworker/4:1 Not tainted 6.4.0a

Affected Packages (4 packages)

Linux | linux/linux_kernel | 6.0.0 | 6.1.40 | +1
Debian | linux/linux_kernel | < 6.1.52-1 | +2
CVEListV5 | linux/linux | 93ce5e0231d79189be4d9e5f9295807b18941419 | 5a45ed1ae34bb0e68944471f4bafb68e0a572791 | +3
debian | debian/linux | < linux 6.1.52-1 (bookworm)

🔴 Vulnerability Details (3)

GHSA | GHSA-rmv6-m884-3827: In the Linux kernel, the following vulnerability has been resolved: HID: amd_sfh: Fix for shift-out-of-bounds Shift operation of 'exp' and 'shift' v | 2025-10-22
OSV | HID: amd_sfh: Fix for shift-out-of-bounds | 2025-10-22
OSV | CVE-2023-53703: In the Linux kernel, the following vulnerability has been resolved: HID: amd_sfh: Fix for shift-out-of-bounds Shift operation of 'exp' and 'shift' var | 2025-10-22

📋 Vendor Advisories (2)

Red Hat | kernel: HID: amd_sfh: Fix for shift-out-of-bounds | 2025-10-22
Debian | CVE-2023-53703: linux - In the Linux kernel, the following vulnerability has been resolved: HID: amd_sf... | 2023