CVE-2023-53553

MEDIUM EPSS 2.5%

Published Oct 4, 20258mo ago · Modified Jun 17, 20261w ago

5.5 CVSS 3.1

Medium

Published Oct 4, 2025 8mo ago

Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: HID: hyperv: avoid struct memcpy overrun warning A previous patch addressed the fortified memcpy warning for most builds, but I still see this one with gcc-9: In file included from include/linux/string.h:254, from drivers/hid/hid-hyperv.c:8: In function 'fortify_memcpy_chk', inlined from 'mousevsc_on_receive' at drivers/hid/hid-hyperv.c:272:3: include/linux/fortify-string.h:583:4: error: call to '__write_overflow_field' declared with attribute warning: detected write beyond size of field (1st parameter); maybe use struct_group()? [-Werror=attribute-warning] 583 | __write_overflow_field(p_size_field, size); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ My guess is that the WARN_ON() itself is what confuses gcc, so it no longer sees that there is a correct range check. Rework the code in a way that helps readability and avoids the warning.

CVSS Details

Base Score

5.5

Exploitability

1.8

Impact

3.6

Vector string

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Attack Vector Local

Attack Complexity Low

Privileges Required Low

User Interaction None

Scope Unchanged

Confidentiality None

Integrity None

Availability High

Threat Intelligence

EPSS Exploit Probability

2.5% percentile

Exploit & Patch Status

No Known Exploit

Patch Available

Affected Products 2

Vendor	Product	Version	Range
linux	linux_kernel	*	≥6.2 – <6.4.5
linux	linux_kernel	6.5	any

References 2

git.kernel.org https://git.kernel.org/stable/c/5f151364b1da6bd217632fd4ee8cc24eaf66a497

Patch
git.kernel.org https://git.kernel.org/stable/c/a7902cc5f5b9c95997017c8e309da760fb1deb6e

Patch

Remediation

git.kernel.org https://git.kernel.org/stable/c/5f151364b1da6bd217632fd4ee8cc24eaf66a497

Patch
git.kernel.org https://git.kernel.org/stable/c/a7902cc5f5b9c95997017c8e309da760fb1deb6e

Patch