-

CVE-2023-53238

EPSS 0.03%
Veröffentlicht 15.09.2025 14:22:12
Zuletzt bearbeitet 15.09.2025 15:22:27
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

phy: hisilicon: Fix an out of bounds check in hisi_inno_phy_probe()

The size of array 'priv->ports[]' is INNO_PHY_PORT_NUM.

In the for loop, 'i' is used as the index for array 'priv->ports[]'
with a check (i > INNO_PHY_PORT_NUM) which indicates that
INNO_PHY_PORT_NUM is allowed value for 'i' in the same loop.

This > comparison needs to be changed to >=, otherwise it potentially leads
to an out of bounds write on the next iteration through the loop

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 10

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 2843a2e703f5cb85c9eeca11b7ee90861635a010

Version ba8b0ee81fbbc249e60f84bf097bd56e8047c742

Status affected

Version < 195e806b2afb0bad6470c9094f7e45e0cf109ee0

Version ba8b0ee81fbbc249e60f84bf097bd56e8047c742

Status affected

Version < ad249aa3c38f329f91fba8b4b3cd087e79fb0ce8

Version ba8b0ee81fbbc249e60f84bf097bd56e8047c742

Status affected

Version < 6d8a71e4c3a2fa4960cc50996e76a42b62fab677

Version ba8b0ee81fbbc249e60f84bf097bd56e8047c742

Status affected

Version < 01cb355bb92e8fcf8306e11a4774d610c5864e39

Version ba8b0ee81fbbc249e60f84bf097bd56e8047c742

Status affected

Version < ce69eac840db0b559994dc4290fce3d7c0d7bccd

Version ba8b0ee81fbbc249e60f84bf097bd56e8047c742

Status affected

Version < 13c088cf3657d70893d75cf116be937f1509cc0f

Version ba8b0ee81fbbc249e60f84bf097bd56e8047c742

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 4.17

Status affected

Version < 4.17

Version 0

Status unaffected

Version <= 4.19.*

Version 4.19.291

Status unaffected

Version <= 5.4.*

Version 5.4.253

Status unaffected

Version <= 5.10.*

Version 5.10.190

Status unaffected

Version <= 5.15.*

Version 5.15.124

Status unaffected

Version <= 6.1.*

Version 6.1.43

Status unaffected

Version <= 6.4.*

Version 6.4.8

Status unaffected

Version <= *

Version 6.5

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.078

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/2843a2e703f5cb85c9eeca11b7ee90861635a010

https://git.kernel.org/stable/c/195e806b2afb0bad6470c9094f7e45e0cf109ee0

https://git.kernel.org/stable/c/ad249aa3c38f329f91fba8b4b3cd087e79fb0ce8

https://git.kernel.org/stable/c/6d8a71e4c3a2fa4960cc50996e76a42b62fab677

https://git.kernel.org/stable/c/01cb355bb92e8fcf8306e11a4774d610c5864e39

https://git.kernel.org/stable/c/ce69eac840db0b559994dc4290fce3d7c0d7bccd

https://git.kernel.org/stable/c/13c088cf3657d70893d75cf116be937f1509cc0f

https://nvd.nist.gov/vuln/detail/CVE-2023-53238

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-53238

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-53238

EUVD