-
CVE-2023-53644
- EPSS -
- Published 07.10.2025 15:19:43
- Last modified 07.10.2025 16:15:47
- Source 416baaa9-dc9f-4396-8d5f-8c081f
- Teams watchlist Login
- Open Login
In the Linux kernel, the following vulnerability has been resolved: media: radio-shark: Add endpoint checks The syzbot fuzzer was able to provoke a WARNING from the radio-shark2 driver: ------------[ cut here ]------------ usb 1-1: BOGUS urb xfer, pipe 1 != type 3 WARNING: CPU: 0 PID: 3271 at drivers/usb/core/urb.c:504 usb_submit_urb+0xed2/0x1880 drivers/usb/core/urb.c:504 Modules linked in: CPU: 0 PID: 3271 Comm: kworker/0:3 Not tainted 6.1.0-rc4-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 Workqueue: usb_hub_wq hub_event RIP: 0010:usb_submit_urb+0xed2/0x1880 drivers/usb/core/urb.c:504 Code: 7c 24 18 e8 00 36 ea fb 48 8b 7c 24 18 e8 36 1c 02 ff 41 89 d8 44 89 e1 4c 89 ea 48 89 c6 48 c7 c7 a0 b6 90 8a e8 9a 29 b8 03 <0f> 0b e9 58 f8 ff ff e8 d2 35 ea fb 48 81 c5 c0 05 00 00 e9 84 f7 RSP: 0018:ffffc90003876dd0 EFLAGS: 00010282 RAX: 0000000000000000 RBX: 0000000000000003 RCX: 0000000000000000 RDX: ffff8880750b0040 RSI: ffffffff816152b8 RDI: fffff5200070edac RBP: ffff8880172d81e0 R08: 0000000000000005 R09: 0000000000000000 R10: 0000000080000000 R11: 0000000000000000 R12: 0000000000000001 R13: ffff8880285c5040 R14: 0000000000000002 R15: ffff888017158200 FS: 0000000000000000(0000) GS:ffff8880b9a00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007ffe03235b90 CR3: 000000000bc8e000 CR4: 00000000003506f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: <TASK> usb_start_wait_urb+0x101/0x4b0 drivers/usb/core/message.c:58 usb_bulk_msg+0x226/0x550 drivers/usb/core/message.c:387 shark_write_reg+0x1ff/0x2e0 drivers/media/radio/radio-shark2.c:88 ... The problem was caused by the fact that the driver does not check whether the endpoints it uses are actually present and have the appropriate types. This can be fixed by adding a simple check of these endpoints (and similarly for the radio-shark driver).
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
This information is available to logged-in users. Login
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
VendorLinux
≫
Product
Linux
Default Statusunaffected
Version <
3ed6a312ac1e7278f92b1b3d95377b335ae21e89
Version
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Status
affected
Version <
afd72825b4fcb7ae4015e1c93b054f4c37a25684
Version
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Status
affected
Version <
2b580d0f03c4fc00013cd08f9ed96b87a08fd0d9
Version
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Status
affected
Version <
8a30dce9d7f70f8438956f6a01142b926c301334
Version
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Status
affected
Version <
b1bde4b4360c3d8a35504443efabd3243b802805
Version
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Status
affected
Version <
53764a17f5d8f0d00b13297d06b5e65fa844288b
Version
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Status
affected
Version <
4c3057a1927fa0b9ed8948b6f3b56b4ff9fa63d3
Version
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Status
affected
Version <
76e31045ba030e94e72105c01b2e98f543d175ac
Version
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Status
affected
VendorLinux
≫
Product
Linux
Default Statusaffected
Version <=
4.14.*
Version
4.14.316
Status
unaffected
Version <=
4.19.*
Version
4.19.284
Status
unaffected
Version <=
5.4.*
Version
5.4.244
Status
unaffected
Version <=
5.10.*
Version
5.10.181
Status
unaffected
Version <=
5.15.*
Version
5.15.114
Status
unaffected
Version <=
6.1.*
Version
6.1.31
Status
unaffected
Version <=
6.3.*
Version
6.3.5
Status
unaffected
Version <=
*
Version
6.4
Status
unaffected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|