CVE-2023-53062

Severity: MEDIUM · CVSS 3.1: 5.5 · EPSS 5.5%
Published May 2, 2025 · Last Modified Jun 17, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

net: usb: smsc95xx: Limit packet length to skb->len

Packet length retrieved from descriptor may be larger than the actual socket buffer length. In such case the cloned skb passed up the network stack will leak kernel memory contents.

CVSS Details

Base Score: 5.5
Exploitability: 1.8
Impact: 3.6
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High

Threat Intelligence

EPSS Exploit Probability: 5.5% percentile
Exploit & Patch Status: No Known Exploit, Patch Available

Weaknesses 1

CWE-401

Affected Products 10

Vendor  Product       Version  Range
linux   linux_kernel  *        ≥2.6.28 – <4.14.312
linux   linux_kernel  *        ≥4.15 – <4.19.280
linux   linux_kernel  *        ≥4.20 – <5.4.240
linux   linux_kernel  *        ≥5.5 – <5.10.177
linux   linux_kernel  *        ≥5.11 – <5.15.105
linux   linux_kernel  *        ≥5.16 – <6.1.22
linux   linux_kernel  *        ≥6.2 – <6.2.9
linux   linux_kernel  6.3      any
linux   linux_kernel  6.3      any
linux   linux_kernel  6.3      any

References 8

  • git.kernel.org https://git.kernel.org/stable/c/33d1603a38e05886c538129ddfe00bd52d347e7b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/70eb25c6a6cde149affe8a587371a3a8ad295ba0
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/733580e268a53db1cd01f2251419da91866378f6
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ba6c40227108f8ee428e42eb0337b48ed3001e65
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d3c145a4d24b752c9a1314d5a595014d51471418
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e041bef1adee02999cf24f9a2e15ed452bc363fe
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f2111c791d885211714db85f9a06188571c57dd0
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ff821092cf02a70c2bccd2d19269f01e29aa52cf
    Patch
