CVE-2023-53729

soc: qcom: qmi_encdec: Restrict string length in decode

In the Linux kernel, the following vulnerability has been resolved:

soc: qcom: qmi_encdec: Restrict string length in decode

The QMI TLV value for strings in a lot of qmi element info structures
accounts for null terminated strings with MAX_LEN + 1. If a string is
actually MAX_LEN + 1 length, this will cause an out of bounds access
when the NULL character is appended in decoding.
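
The off-by-one described above, as an added example: a simplified userspace model, not the kernel's qmi_encdec code. The 1-byte length prefix, `MAX_LEN` value, canary byte and all function names are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_LEN  8              /* hypothetical maximum string length */
#define ELEM_LEN (MAX_LEN + 1)  /* destination field: MAX_LEN chars + NUL */
#define CANARY   0xA5

/* Decode a string with a 1-byte length prefix into dst (elem_len bytes).
 * strict == 0: only len > elem_len is rejected (too permissive).
 * strict == 1: len >= elem_len is rejected, leaving room for the NUL.
 * Returns bytes consumed, or -1 if the message is rejected. */
static int decode_string(uint8_t *dst, size_t elem_len,
                         const uint8_t *src, size_t src_len, int strict)
{
    size_t len;

    if (src_len < 1 || src[0] > src_len - 1)
        return -1;              /* empty or truncated message */
    len = src[0];
    if (strict ? len >= elem_len : len > elem_len)
        return -1;
    memcpy(dst, src + 1, len);
    dst[len] = '\0';            /* lands at dst[elem_len] when len == elem_len */
    return (int)(len + 1);
}

/* Decode a constructed message carrying str_len characters while a canary
 * byte sits directly behind the field. Returns 1 if the canary was hit. */
static int canary_clobbered(size_t str_len, int strict, int *rc)
{
    uint8_t mem[ELEM_LEN + 1];  /* field plus one adjacent byte */
    uint8_t msg[1 + ELEM_LEN + 1];

    memset(mem, CANARY, sizeof(mem));
    memset(msg, 'A', sizeof(msg));
    msg[0] = (uint8_t)str_len;
    *rc = decode_string(mem, ELEM_LEN, msg, sizeof(msg), strict);
    return mem[ELEM_LEN] != CANARY;
}

int main(void)
{
    int rc;

    printf("permissive: clobbered=%d\n", canary_clobbered(ELEM_LEN, 0, &rc));
    printf("strict:     clobbered=%d\n", canary_clobbered(ELEM_LEN, 1, &rc));
    return 0;
}
```

A string of exactly `MAX_LEN` characters decodes identically under both bounds; only the `MAX_LEN + 1` case separates them.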

Data is provided by the CVE Program from a CVE Numbering Authority (CNA) (unstructured).

Vendor: Linux
Product: Linux
Default status: unaffected

| Version | Bound | Status |
|---|---|---|
| 9b8a11e82615274d4133aab3cf5aa1c59191f0a2 | < 6b58859e7c4ac357517a59f0801e8ce1b58a8ee2 | affected |
| 9b8a11e82615274d4133aab3cf5aa1c59191f0a2 | < 64c5e916fabe5ef7bef0210b8a59fa8941ee1b8e | affected |
| 9b8a11e82615274d4133aab3cf5aa1c59191f0a2 | < 2ccab9f82772ead618689d17dbc6950d6bd1e741 | affected |
| 9b8a11e82615274d4133aab3cf5aa1c59191f0a2 | < b2f39b813d1eed4a522428d1e6acd7dfe9b81579 | affected |
| 9b8a11e82615274d4133aab3cf5aa1c59191f0a2 | < f6250ecb7fbb934b89539e7e2ba6c1d8555c0975 | affected |
| 9b8a11e82615274d4133aab3cf5aa1c59191f0a2 | < 22ee7c9c7f381be178b4457bc54530002e08e938 | affected |
| 9b8a11e82615274d4133aab3cf5aa1c59191f0a2 | < 8d207400fd6b79c92aeb2f33bb79f62dff904ea2 | affected |

Vendor: Linux
Product: Linux
Default status: affected

| Version | Bound | Status |
|---|---|---|
| 4.16 | | affected |
| 0 | < 4.16 | unaffected |
| 4.19.295 | <= 4.19.* | unaffected |
| 5.4.257 | <= 5.4.* | unaffected |
| 5.10.195 | <= 5.10.* | unaffected |
| 5.15.132 | <= 5.15.* | unaffected |
| 6.1.54 | <= 6.1.* | unaffected |
| 6.5.4 | <= 6.5.* | unaffected |
| 6.6 | <= * | unaffected |

No advisory was found for this CVE.

EPSS metrics

| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.04% | 0.121 |

CVSS metrics

| Source | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|

No CWE information has been published yet.