-

CVE-2023-53298

EPSS 0.03%
Veröffentlicht 16.09.2025 08:11:30
Zuletzt bearbeitet 16.09.2025 12:49:16
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

nfc: fix memory leak of se_io context in nfc_genl_se_io

The callback context for sending/receiving APDUs to/from the selected
secure element is allocated inside nfc_genl_se_io and supposed to be
eventually freed in se_io_cb callback function. However, there are several
error paths where the bwi_timer is not charged to call se_io_cb later, and
the cb_context is leaked.

The patch proposes to free the cb_context explicitly on those error paths.

At the moment we can't simply check 'dev->ops->se_io()' return value as it
may be negative in both cases: when the timer was charged and was not.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 11

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 5321da6d84b87a34eea441677d649c34bd854169

Version 5ce3f32b5264b337bfd13a780452a17705307725

Status affected

Version < af452e35b9e6a87cd49e54a7a3d60d934b194651

Version 5ce3f32b5264b337bfd13a780452a17705307725

Status affected

Version < 271eed1736426103335c5aac50f15b0f4d236bc0

Version 5ce3f32b5264b337bfd13a780452a17705307725

Status affected

Version < 8978315cb4bf8878c9c8ec05dafd8f7ff539860d

Version 5ce3f32b5264b337bfd13a780452a17705307725

Status affected

Version < c494365432dcdc549986f4d9af9eb6190cbdb153

Version 5ce3f32b5264b337bfd13a780452a17705307725

Status affected

Version < b2036a252381949d3b743a3de069324ae3028a57

Version 5ce3f32b5264b337bfd13a780452a17705307725

Status affected

Version < ba98db08895748c12e5ded52cd1598dce2c79e55

Version 5ce3f32b5264b337bfd13a780452a17705307725

Status affected

Version < 25ff6f8a5a3b8dc48e8abda6f013e8cc4b14ffea

Version 5ce3f32b5264b337bfd13a780452a17705307725

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 3.13

Status affected

Version < 3.13

Version 0

Status unaffected

Version <= 4.14.*

Version 4.14.308

Status unaffected

Version <= 4.19.*

Version 4.19.276

Status unaffected

Version <= 5.4.*

Version 5.4.235

Status unaffected

Version <= 5.10.*

Version 5.10.173

Status unaffected

Version <= 5.15.*

Version 5.15.100

Status unaffected

Version <= 6.1.*

Version 6.1.18

Status unaffected

Version <= 6.2.*

Version 6.2.5

Status unaffected

Version <= *

Version 6.3

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.078

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/5321da6d84b87a34eea441677d649c34bd854169

https://git.kernel.org/stable/c/af452e35b9e6a87cd49e54a7a3d60d934b194651

https://git.kernel.org/stable/c/271eed1736426103335c5aac50f15b0f4d236bc0

https://git.kernel.org/stable/c/8978315cb4bf8878c9c8ec05dafd8f7ff539860d

https://git.kernel.org/stable/c/c494365432dcdc549986f4d9af9eb6190cbdb153

https://git.kernel.org/stable/c/b2036a252381949d3b743a3de069324ae3028a57

https://git.kernel.org/stable/c/ba98db08895748c12e5ded52cd1598dce2c79e55

https://git.kernel.org/stable/c/25ff6f8a5a3b8dc48e8abda6f013e8cc4b14ffea

https://nvd.nist.gov/vuln/detail/CVE-2023-53298

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-53298

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-53298

EUVD