-

CVE-2023-53380

EPSS 0.03%
Veröffentlicht 18.09.2025 13:33:25
Zuletzt bearbeitet 19.09.2025 16:00:27
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

md/raid10: fix null-ptr-deref of mreplace in raid10_sync_request

There are two check of 'mreplace' in raid10_sync_request(). In the first
check, 'need_replace' will be set and 'mreplace' will be used later if
no-Faulty 'mreplace' exists, In the second check, 'mreplace' will be
set to NULL if it is Faulty, but 'need_replace' will not be changed
accordingly. null-ptr-deref occurs if Faulty is set between two check.

Fix it by merging two checks into one. And replace 'need_replace' with
'mreplace' because their values are always the same.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 10

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 45fa023b3334a7ae6f6c4eb977295804222dfa28

Version ee37d7314a32ab6809eacc3389bad0406c69a81f

Status affected

Version < 2990e2ece18dd4cca71b3109c80517ad94adb065

Version ee37d7314a32ab6809eacc3389bad0406c69a81f

Status affected

Version < f4368a462b1f9a8ecc2fdb09a28c3d4cad302a4f

Version ee37d7314a32ab6809eacc3389bad0406c69a81f

Status affected

Version < 222cc459d59857ee28a5366dc225ab42b22f9272

Version ee37d7314a32ab6809eacc3389bad0406c69a81f

Status affected

Version < b5015b97adda6a24dd3e713c63e521ecbeff25c6

Version ee37d7314a32ab6809eacc3389bad0406c69a81f

Status affected

Version < 144c7fd008e0072b0b565f1157eec618de54ca8a

Version ee37d7314a32ab6809eacc3389bad0406c69a81f

Status affected

Version < 34817a2441747b48e444cb0e05d84e14bc9443da

Version ee37d7314a32ab6809eacc3389bad0406c69a81f

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 4.20

Status affected

Version < 4.20

Version 0

Status unaffected

Version <= 5.4.*

Version 5.4.251

Status unaffected

Version <= 5.10.*

Version 5.10.188

Status unaffected

Version <= 5.15.*

Version 5.15.121

Status unaffected

Version <= 6.1.*

Version 6.1.39

Status unaffected

Version <= 6.3.*

Version 6.3.13

Status unaffected

Version <= 6.4.*

Version 6.4.4

Status unaffected

Version <= *

Version 6.5

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.078

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/45fa023b3334a7ae6f6c4eb977295804222dfa28

https://git.kernel.org/stable/c/2990e2ece18dd4cca71b3109c80517ad94adb065

https://git.kernel.org/stable/c/f4368a462b1f9a8ecc2fdb09a28c3d4cad302a4f

https://git.kernel.org/stable/c/222cc459d59857ee28a5366dc225ab42b22f9272

https://git.kernel.org/stable/c/b5015b97adda6a24dd3e713c63e521ecbeff25c6

https://git.kernel.org/stable/c/144c7fd008e0072b0b565f1157eec618de54ca8a

https://git.kernel.org/stable/c/34817a2441747b48e444cb0e05d84e14bc9443da

https://nvd.nist.gov/vuln/detail/CVE-2023-53380

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-53380

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-53380

EUVD