CVE-2023-53785 Linux vulnerability

6 documents, 5 sources
Severity: 6.5 MEDIUM (no vector)
EPSS: 0.0% (top 90.90%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Dec 9

Description

In the Linux kernel, the following vulnerability has been resolved:

mt76: mt7921: don't assume adequate headroom for SDIO headers

mt7921_usb_sdio_tx_prepare_skb() calls mt7921_usb_sdio_write_txwi() and mt7921_skb_add_usb_sdio_hdr(), both of which blindly assume that adequate headroom will be available in the passed skb. This assumption typically is satisfied when the skb was allocated in the net core for transmission via the mt7921 netdev (although even that is only an optimization and is not

Affected Packages (4 packages)

Linux: linux/linux_kernel 5.12.0 6.1.55 +1
Debian: linux/linux_kernel < 6.1.55-1 +2
CVEListV5: linux/linux e0f9fdda81bd32371ddac9222487e612027d8de2 5c8bbb79c7cbca65534badf360f3b1145759c7bc +3
debian: debian/linux < linux 6.1.55-1 (bookworm)

🔴 Vulnerability Details (3)

OSV
CVE-2023-53785: In the Linux kernel, the following vulnerability has been resolved: mt76: mt7921: don't assume adequate headroom for SDIO headers mt7921_usb_sdio_tx_p (2025-12-09)
OSV
mt76: mt7921: don't assume adequate headroom for SDIO headers (2025-12-09)
GHSA
GHSA-j2j9-3mwm-mxcq: In the Linux kernel, the following vulnerability has been resolved: mt76: mt7921: don't assume adequate headroom for SDIO headers mt7921_usb_sdio_tx (2025-12-09)

📋 Vendor Advisories (2)

Red Hat
kernel: mt76: mt7921: don't assume adequate headroom for SDIO headers (2025-12-09)
Debian
CVE-2023-53785: linux - In the Linux kernel, the following vulnerability has been resolved: mt76: mt792... (2023)