CVE-2023-53814 — Improper Validation of Specified Index, Position, or Offset in Input in Linux

CWE-1285 — Improper Validation of Specified Index, Position, or Offset in Input6 documents5 sources

Severity

5.5MEDIUM

No vector

EPSS

0.0%

top 90.17%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedDec 9

Description

In the Linux kernel, the following vulnerability has been resolved: PCI: Fix dropping valid root bus resources with .end = zero On r8a7791/koelsch: kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak) # cat /sys/kernel/debug/kmemleak unreferenced object 0xc3a34e00 (size 64): comm "swapper/0", pid 1, jiffies 4294937460 (age 199.080s) hex dump (first 32 bytes): b4 5d 81 f0 b4 5d 81 f0 c0 b0 a2 c3 00 00 00 00 .]...].......... 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ...…

Affected Packages4 packages

▶Linuxlinux/linux_kernel5.16.0 — 6.1.16+1

▶Debianlinux/linux_kernel< 6.1.20-1+2

▶CVEListV5linux/linuxfd168b7d1d7cfc61cea561b1e3cc47aefc9e8f19 — e4af080f3ef6a65b0d702988c2471a47c9ae2cc0+4

▶debiandebian/linux< linux 6.1.20-1 (bookworm)

🔴Vulnerability Details

GHSA

GHSA-3f48-8rf6-xmcq: In the Linux kernel, the following vulnerability has been resolved: PCI: Fix dropping valid root bus resources with↗2025-12-09

▶

OSV

CVE-2023-53814: In the Linux kernel, the following vulnerability has been resolved: PCI: Fix dropping valid root bus resources with↗2025-12-09

▶

OSV

PCI: Fix dropping valid root bus resources with .end = zero↗2025-12-09

▶

📋Vendor Advisories

Red Hat

kernel: PCI: Fix dropping valid root bus resources with .end = zero↗2025-12-09

▶

Debian

CVE-2023-53814: linux - In the Linux kernel, the following vulnerability has been resolved: PCI: Fix dr...↗2023

▶