CVE-2023-53768Off-by-one Error in Linux

CWE-193Off-by-one Error6 documents5 sources
Severity
5.5MEDIUM
No vector
EPSS
0.0%
top 90.90%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 8

Description

In the Linux kernel, the following vulnerability has been resolved: regmap-irq: Fix out-of-bounds access when allocating config buffers When allocating the 2D array for handling IRQ type registers in regmap_add_irq_chip_fwnode(), the intent is to allocate a matrix with num_config_bases rows and num_config_regs columns. This is currently handled by allocating a buffer to hold a pointer for each row (i.e. num_config_bases). After that, the logic attempts to allocate the memory required to hold

Affected Packages4 packages

Linuxlinux/linux_kernel6.0.06.1.40+1
Debianlinux/linux_kernel< 6.1.52-1+2
CVEListV5linux/linuxfaa87ce9196dbb074d75bd4aecb8bacf18f19b4eb1a726ad33e585e3d9fa70712df31ae105e4532c+3
debiandebian/linux< linux 6.1.52-1 (bookworm)

🔴Vulnerability Details

3
OSV
regmap-irq: Fix out-of-bounds access when allocating config buffers2025-12-08
OSV
CVE-2023-53768: In the Linux kernel, the following vulnerability has been resolved: regmap-irq: Fix out-of-bounds access when allocating config buffers When allocatin2025-12-08
GHSA
GHSA-x59p-mm6w-2vq3: In the Linux kernel, the following vulnerability has been resolved: regmap-irq: Fix out-of-bounds access when allocating config buffers When allocat2025-12-08

📋Vendor Advisories

2
Red Hat
kernel: regmap-irq: Fix out-of-bounds access when allocating config buffers2025-12-08
Debian
CVE-2023-53768: linux - In the Linux kernel, the following vulnerability has been resolved: regmap-irq:...2023