CVE-2023-53803 — Out-of-bounds Read in Linux

CWE-125 — Out-of-bounds Read6 documents5 sources

Severity

5.5MEDIUM

No vector

EPSS

0.0%

top 85.68%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedDec 9

Description

In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Fix slab-out-of-bounds in ses_enclosure_data_process() A fix for: BUG: KASAN: slab-out-of-bounds in ses_enclosure_data_process+0x949/0xe30 [ses] Read of size 1 at addr ffff88a1b043a451 by task systemd-udevd/3271 Checking after (and before in next loop) addl_desc_ptr[1] is sufficient, we expect the size to be sanitized before first access to addl_desc_ptr[1]. Make sure we don't walk beyond end of page.

Affected Packages4 packages

▶Linuxlinux/linux_kernel2.6.32 — 4.14.308+6

▶Debianlinux/linux_kernel< 5.10.178-1+3

▶CVEListV5linux/linux21fab1d0595eacf781705ec3509012a28f298245 — da1a955c48a16e16e925d6544793914e52a6fa51+8

▶debiandebian/linux< linux 6.1.20-1 (bookworm)

🔴Vulnerability Details

OSV

scsi: ses: Fix slab-out-of-bounds in ses_enclosure_data_process()↗2025-12-09

▶

OSV

CVE-2023-53803: In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Fix slab-out-of-bounds in ses_enclosure_data_process() A fix for: BUG:↗2025-12-09

▶

GHSA

GHSA-7mw7-q5qp-mcqq: In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Fix slab-out-of-bounds in ses_enclosure_data_process() A fix for: BU↗2025-12-09

▶

📋Vendor Advisories

Red Hat

kernel: scsi: ses: Fix slab-out-of-bounds in ses_enclosure_data_process()↗2025-12-09

▶

Debian

CVE-2023-53803: linux - In the Linux kernel, the following vulnerability has been resolved: scsi: ses: ...↗2023

▶