CVE-2023-53019

Severity: HIGH · EPSS 8.2%
CVSS 3.1: 7.8 (High)
Published: Mar 27, 2025
Last Modified: Jun 17, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

net: mdio: validate parameter addr in mdiobus_get_phy()

The caller may pass any value as addr, which may result in an out-of-bounds access to array mdio_map. One existing case is stmmac_init_phy() that may pass -1 as addr. Therefore validate addr before using it.
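The bug class the description names (CWE-129), as an added user-space C example that is not the kernel's code or the patch itself: a fixed-size table indexed by a caller-supplied signed address, with the unchecked lookup beside one that validates first. The names `model_bus`, `lookup_unchecked`, `lookup_checked`, `attach` and the 32-slot table size are assumptions of this model.

```c
#include <stddef.h>
#include <stdio.h>

#define MAP_SLOTS 32 /* assumed slot count for this model */
#define ARRAY_SIZE(a) (sizeof(a) / sizeof((a)[0]))

struct model_dev { int id; };

struct model_bus {
    struct model_dev *map[MAP_SLOTS]; /* stands in for mdio_map */
};

/* Unvalidated shape: indexes with whatever the caller passed.
 * addr = -1 or addr >= MAP_SLOTS is an out-of-bounds read (undefined behavior). */
static struct model_dev *lookup_unchecked(struct model_bus *bus, int addr)
{
    return bus->map[addr];
}

/* Validated shape: reject anything outside [0, MAP_SLOTS) before indexing. */
static struct model_dev *lookup_checked(struct model_bus *bus, int addr)
{
    if (addr < 0 || (size_t)addr >= ARRAY_SIZE(bus->map))
        return NULL;
    return bus->map[addr];
}

/* Hypothetical caller that may pass -1 when no address is configured. */
static int attach(struct model_bus *bus, int addr)
{
    struct model_dev *dev = lookup_checked(bus, addr);
    return dev ? dev->id : -1; /* -1: nothing to attach */
}

int main(void)
{
    static struct model_dev d = { .id = 7 };
    struct model_bus bus = { { NULL } };
    int probes[] = { 3, 0, -1, 31, 32, 1000 }; /* constructed inputs */

    bus.map[3] = &d;
    /* In range, both lookups agree; only the checked one is safe out of range. */
    printf("in-range agree: %d\n", lookup_unchecked(&bus, 3) == lookup_checked(&bus, 3));
    for (size_t i = 0; i < ARRAY_SIZE(probes); i++)
        printf("addr %5d -> attach() = %d\n", probes[i], attach(&bus, probes[i]));
    return 0;
}
```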

CVSS Details

Base Score
7.8
Exploitability
1.8
Impact
5.9
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
8.2% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-129

Affected Products 10

Vendor   Product        Version   Range
linux    linux_kernel   *         ≥4.5 – <4.14.305
linux    linux_kernel   *         ≥4.15 – <4.19.272
linux    linux_kernel   *         ≥4.20 – <5.4.231
linux    linux_kernel   *         ≥5.5 – <5.10.166
linux    linux_kernel   *         ≥5.11 – <5.15.91
linux    linux_kernel   *         ≥5.16 – <6.1.9
linux    linux_kernel   6.2       any
linux    linux_kernel   6.2       any
linux    linux_kernel   6.2       any
linux    linux_kernel   6.2       any

References 7

  • git.kernel.org https://git.kernel.org/stable/c/1d80c259dfbadefa61b7ea334dfce5cb57f8c72f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4bc5f1f6bc94e695dfd912122af96e7115a0ddb8
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7879626296e6ffd838ae0f2af1ab49ee46354973
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/867dbe784c5010a466f00a7d1467c1c5ea569c75
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8a7b9560a3a8eb8724888c426e05926752f73aa0
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ad67de330d83e8078372b52af18ffe8d39e26c85
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c431a3d642593bbdb99e8a9e3eed608b730db6f8
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/1d80c259dfbadefa61b7ea334dfce5cb57f8c72f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4bc5f1f6bc94e695dfd912122af96e7115a0ddb8
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7879626296e6ffd838ae0f2af1ab49ee46354973
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/867dbe784c5010a466f00a7d1467c1c5ea569c75
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8a7b9560a3a8eb8724888c426e05926752f73aa0
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ad67de330d83e8078372b52af18ffe8d39e26c85
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c431a3d642593bbdb99e8a9e3eed608b730db6f8
    Patch