CVE-2023-53803 (GCVE-0-2023-53803)
Vulnerability from cvelistv5 – Published: 2025-12-09 00:00 – Updated: 2025-12-09 00:00
Summary
In the Linux kernel, the following vulnerability has been resolved:
scsi: ses: Fix slab-out-of-bounds in ses_enclosure_data_process()
A fix for:
BUG: KASAN: slab-out-of-bounds in ses_enclosure_data_process+0x949/0xe30 [ses]
Read of size 1 at addr ffff88a1b043a451 by task systemd-udevd/3271
Checking after (and before in next loop) addl_desc_ptr[1] is sufficient, we
expect the size to be sanitized before first access to addl_desc_ptr[1].
Make sure we don't walk beyond end of page.
Severity
No CVSS data available.
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Linux | Linux | Affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 , < da1a955c48a16e16e925d6544793914e52a6fa51 (git) |
| Linux | Linux | Affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 , < 9e5c7d52085b8c84bc82a261580f0eb170039325 (git) |
| Linux | Linux | Affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 , < 467afb1dd630d8c6d172bd6cacc125199b5f4f2d (git) |
| Linux | Linux | Affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 , < e4dd25da784b2e07dbfbf04509afa4c5a1375227 (git) |
| Linux | Linux | Affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 , < 2b28a7d261cb309912596d6a2d383ca370483527 (git) |
| Linux | Linux | Affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 , < 0dfe68394cbe1d4fe579fb325ecc813c50528c5a (git) |
| Linux | Linux | Affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 , < 799e8dd2022d2e13f0c5c1906b40ceca07a23349 (git) |
| Linux | Linux | Affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 , < 9b4f5028e493cb353a5c8f5c45073eeea0303abd (git) |
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/scsi/ses.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "da1a955c48a16e16e925d6544793914e52a6fa51",
"status": "affected",
"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"versionType": "git"
},
{
"lessThan": "9e5c7d52085b8c84bc82a261580f0eb170039325",
"status": "affected",
"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"versionType": "git"
},
{
"lessThan": "467afb1dd630d8c6d172bd6cacc125199b5f4f2d",
"status": "affected",
"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"versionType": "git"
},
{
"lessThan": "e4dd25da784b2e07dbfbf04509afa4c5a1375227",
"status": "affected",
"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"versionType": "git"
},
{
"lessThan": "2b28a7d261cb309912596d6a2d383ca370483527",
"status": "affected",
"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"versionType": "git"
},
{
"lessThan": "0dfe68394cbe1d4fe579fb325ecc813c50528c5a",
"status": "affected",
"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"versionType": "git"
},
{
"lessThan": "799e8dd2022d2e13f0c5c1906b40ceca07a23349",
"status": "affected",
"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"versionType": "git"
},
{
"lessThan": "9b4f5028e493cb353a5c8f5c45073eeea0303abd",
"status": "affected",
"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/scsi/ses.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"version": "4.14.308",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.276",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.235",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.173",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.99",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.16",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.2.*",
"status": "unaffected",
"version": "6.2.3",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.3",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.14.308",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.19.276",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.235",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.173",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.2.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ses: Fix slab-out-of-bounds in ses_enclosure_data_process()\n\nA fix for:\n\nBUG: KASAN: slab-out-of-bounds in ses_enclosure_data_process+0x949/0xe30 [ses]\nRead of size 1 at addr ffff88a1b043a451 by task systemd-udevd/3271\n\nChecking after (and before in next loop) addl_desc_ptr[1] is sufficient, we\nexpect the size to be sanitized before first access to addl_desc_ptr[1].\nMake sure we don\u0027t walk beyond end of page."
}
],
"providerMetadata": {
"dateUpdated": "2025-12-09T00:00:59.913Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/da1a955c48a16e16e925d6544793914e52a6fa51"
},
{
"url": "https://git.kernel.org/stable/c/9e5c7d52085b8c84bc82a261580f0eb170039325"
},
{
"url": "https://git.kernel.org/stable/c/467afb1dd630d8c6d172bd6cacc125199b5f4f2d"
},
{
"url": "https://git.kernel.org/stable/c/e4dd25da784b2e07dbfbf04509afa4c5a1375227"
},
{
"url": "https://git.kernel.org/stable/c/2b28a7d261cb309912596d6a2d383ca370483527"
},
{
"url": "https://git.kernel.org/stable/c/0dfe68394cbe1d4fe579fb325ecc813c50528c5a"
},
{
"url": "https://git.kernel.org/stable/c/799e8dd2022d2e13f0c5c1906b40ceca07a23349"
},
{
"url": "https://git.kernel.org/stable/c/9b4f5028e493cb353a5c8f5c45073eeea0303abd"
}
],
"title": "scsi: ses: Fix slab-out-of-bounds in ses_enclosure_data_process()",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2023-53803",
"datePublished": "2025-12-09T00:00:59.913Z",
"dateReserved": "2025-12-08T23:58:35.276Z",
"dateUpdated": "2025-12-09T00:00:59.913Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2023-53803\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-12-09T01:16:52.130\",\"lastModified\":\"2025-12-09T18:37:13.640\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nscsi: ses: Fix slab-out-of-bounds in ses_enclosure_data_process()\\n\\nA fix for:\\n\\nBUG: KASAN: slab-out-of-bounds in ses_enclosure_data_process+0x949/0xe30 [ses]\\nRead of size 1 at addr ffff88a1b043a451 by task systemd-udevd/3271\\n\\nChecking after (and before in next loop) addl_desc_ptr[1] is sufficient, we\\nexpect the size to be sanitized before first access to addl_desc_ptr[1].\\nMake sure we don\u0027t walk beyond end of page.\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/0dfe68394cbe1d4fe579fb325ecc813c50528c5a\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/2b28a7d261cb309912596d6a2d383ca370483527\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/467afb1dd630d8c6d172bd6cacc125199b5f4f2d\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/799e8dd2022d2e13f0c5c1906b40ceca07a23349\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/9b4f5028e493cb353a5c8f5c45073eeea0303abd\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/9e5c7d52085b8c84bc82a261580f0eb170039325\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/da1a955c48a16e16e925d6544793914e52a6fa51\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/e4dd25da784b2e07dbfbf04509afa4c5a1375227\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
}
}