CVE-2023-53788: Improper Validation of Array Index in Linux

Severity: 6.1 MEDIUM (No vector)
EPSS: 0.0% (top 85.68%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Dec 9

Description

In the Linux kernel, the following vulnerability has been resolved:

ALSA: hda/ca0132: fixup buffer overrun at tuning_ctl_set()

tuning_ctl_set() might have buffer overrun at (X) if it didn't break from loop by matching (A).

    static int tuning_ctl_set(...)
    {
            for (i = 0; i < TUNING_CTLS_COUNT; i++)
    (A)             if (nid == ca0132_tuning_ctls[i].nid)
                            break;

            snd_hda_power_up(...);
    (X)     dspio_set_param(..., ca0132_tuning_ctls[i].mid, ...);
            snd_hda_power_down(...);                ^

            return 1;
    }

We will get below error by cp
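The index problem in the description, reduced to a stand-alone C program. This is an added example, not the kernel's code and not the upstream patch: the table contents, `index_used_unchecked()` and `lookup_mid()` are hypothetical names and values chosen for illustration, and the checked form is one way to guard the lookup.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed stand-in for ca0132_tuning_ctls[]; nid/mid values are made up. */
struct tuning_ctl { unsigned int nid; int mid; };

static const struct tuning_ctl tuning_ctls[] = {
    { 0x10, 1 }, { 0x11, 2 }, { 0x12, 3 },
};
#define TUNING_CTLS_COUNT (sizeof(tuning_ctls) / sizeof(tuning_ctls[0]))

/* Loop shape from the description. Returns the index step (X) would use.
 * If (A) never matches, the loop exits with i == TUNING_CTLS_COUNT, which
 * is one element past the end of the table. The index is only returned
 * here, never dereferenced, so this demo stays within bounds. */
size_t index_used_unchecked(unsigned int nid)
{
    size_t i;

    for (i = 0; i < TUNING_CTLS_COUNT; i++)
        if (nid == tuning_ctls[i].nid)
            break;
    return i;
}

/* Checked form: the table is only indexed inside the loop, where
 * i < TUNING_CTLS_COUNT holds. Returns mid on a match, -EINVAL otherwise. */
int lookup_mid(unsigned int nid)
{
    size_t i;

    for (i = 0; i < TUNING_CTLS_COUNT; i++)
        if (nid == tuning_ctls[i].nid)
            return tuning_ctls[i].mid;
    return -EINVAL;
}

int main(void)
{
    printf("known nid:   index=%zu mid=%d\n",
           index_used_unchecked(0x11), lookup_mid(0x11));
    printf("unknown nid: index=%zu (table has %zu entries) result=%d\n",
           index_used_unchecked(0x99), TUNING_CTLS_COUNT, lookup_mid(0x99));
    return 0;
}
```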

Affected Packages (4 packages)

Linux | linux/linux_kernel | 3.9.0 – 4.14.312 | +6
Debian | linux/linux_kernel | < 5.10.178-1 | +3
CVEListV5 | linux/linux | 44f0c9782cc6ab71ea947f8f710a46f2078a151c – ff5e8b49348f6a550c136b74efaf8b3c1d3ceaea | +8
debian | debian/linux | < linux 6.1.25-1 (bookworm)

🔴 Vulnerability Details (3)

GHSA | GHSA-m6p4-729v-8g7c: In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/ca0132: fixup buffer overrun at tuning_ctl_set() tuning_ctl_set() migh | 2025-12-09
OSV | CVE-2023-53788: In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/ca0132: fixup buffer overrun at tuning_ctl_set() tuning_ctl_set() might | 2025-12-09
OSV | ALSA: hda/ca0132: fixup buffer overrun at tuning_ctl_set() | 2025-12-09

📋 Vendor Advisories (2)

Red Hat | kernel: ALSA: hda/ca0132: fixup buffer overrun at tuning_ctl_set() | 2025-12-09
Debian | CVE-2023-53788: linux - In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/c... | 2023