-

CVE-2023-53598

EPSS 0.02%
Published 04.10.2025 15:44:10
Last modified 06.10.2025 14:56:21
Source 416baaa9-dc9f-4396-8d5f-8c081f
Teams watchlist Login
Open Login

In the Linux kernel, the following vulnerability has been resolved:

bus: mhi: host: Range check CHDBOFF and ERDBOFF

If the value read from the CHDBOFF and ERDBOFF registers is outside the
range of the MHI register space then an invalid address might be computed
which later causes a kernel panic.  Range check the read value to prevent
a crash due to bad data from the device.

Affected products Warnungen 0 Metrics 1 CWE 0 References 9

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

This information is available to logged-in users.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

VendorLinux

≫

Product Linux

Default Statusunaffected

Version < 372f1752b74572b0a9d2288841eab7db17daccae

Version 6cd330ae76ffd5c8f6294c423cabde7eeef1b40c

Status affected

Version < 2343385fe6eed11d0432ab42a97b3ca4aef06a99

Version 6cd330ae76ffd5c8f6294c423cabde7eeef1b40c

Status affected

Version < a2cbb1a45a0c86ce77839c0875414efe1a89315e

Version 6cd330ae76ffd5c8f6294c423cabde7eeef1b40c

Status affected

Version < 83bf6b87e2dd053d95d89eb2f01ae885f9e568db

Version 6cd330ae76ffd5c8f6294c423cabde7eeef1b40c

Status affected

Version < 4e584127ec2bd42a37c88badb49df409f21fa40a

Version 6cd330ae76ffd5c8f6294c423cabde7eeef1b40c

Status affected

Version < 6a0c637bfee69a74c104468544d9f2a6579626d0

Version 6cd330ae76ffd5c8f6294c423cabde7eeef1b40c

Status affected

VendorLinux

≫

Product Linux

Default Statusaffected

Version 5.7

Status affected

Version < 5.7

Version 0

Status unaffected

Version <= 5.10.*

Version 5.10.192

Status unaffected

Version <= 5.15.*

Version 5.15.112

Status unaffected

Version <= 6.1.*

Version 6.1.28

Status unaffected

Version <= 6.2.*

Version 6.2.15

Status unaffected

Version <= 6.3.*

Version 6.3.2

Status unaffected

Version <= *

Version 6.4

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.02%	0.053

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string

https://git.kernel.org/stable/c/372f1752b74572b0a9d2288841eab7db17daccae

https://git.kernel.org/stable/c/2343385fe6eed11d0432ab42a97b3ca4aef06a99

https://git.kernel.org/stable/c/a2cbb1a45a0c86ce77839c0875414efe1a89315e

https://git.kernel.org/stable/c/83bf6b87e2dd053d95d89eb2f01ae885f9e568db

https://git.kernel.org/stable/c/4e584127ec2bd42a37c88badb49df409f21fa40a

https://git.kernel.org/stable/c/6a0c637bfee69a74c104468544d9f2a6579626d0

https://nvd.nist.gov/vuln/detail/CVE-2023-53598

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-53598

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-53598

EUVD