CVE-2023-53847: Access of Uninitialized Pointer in Linux

Severity: 5.5 MEDIUM (no vector)
EPSS: 0.0% (top 85.68%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Dec 9

Description

In the Linux kernel, the following vulnerability has been resolved:

usb-storage: alauda: Fix uninit-value in alauda_check_media()

Syzbot got KMSAN to complain about access to an uninitialized value in the alauda subdriver of usb-storage:

BUG: KMSAN: uninit-value in alauda_transport+0x462/0x57f0 drivers/usb/storage/alauda.c:1137
CPU: 0 PID: 12279 Comm: usb-storage Not tainted 5.3.0-rc7+ #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __d

Affected Packages (4 packages)

Linux  linux/linux_kernel  2.6.16  4.14.323  +6
Debian  linux/linux_kernel  < 5.10.191-1  +3
CVEListV5  linux/linux  e80b0fade09ef1ee67b0898d480d4c588f124d5f  153c3e85873cc3e2f387169783c3a227bad9a95a  +8
debian  debian/linux  < linux 6.1.52-1 (bookworm)

🔴 Vulnerability Details (3)

OSV: usb-storage: alauda: Fix uninit-value in alauda_check_media() [2025-12-09]
OSV: CVE-2023-53847: In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Fix uninit-value in alauda_check_media() Syzbot got KMSAN to [2025-12-09]
GHSA: GHSA-c2v2-h9q2-p64v: In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Fix uninit-value in alauda_check_media() Syzbot got KMSAN t [2025-12-09]

📋 Vendor Advisories (2)

Red Hat: kernel: usb-storage: alauda: Fix uninit-value in alauda_check_media() [2025-12-09]
Debian: CVE-2023-53847: linux - In the Linux kernel, the following vulnerability has been resolved: usb-storage... [2023]

🕵️ Threat Intelligence (1)

Wiz: CVE-2023-53847 Impact, Exploitability, and Mitigation Steps | Wiz