CVE-2023-53139

Description

In the Linux kernel, the following vulnerability has been resolved: nfc: fdp: add null check of devm_kmalloc_array in fdp_nci_i2c_read_device_properties devm_kmalloc_array may fails, *fw_vsc_cfg might be null and cause out-of-bounds write in device_property_read_u8_array later.

Reserved 2025-05-02 | Published 2025-05-02 | Updated 2025-05-04 | Assigner Linux

Product status

Default status
unaffected

a06347c04c13e380afce0c9816df51f00b83faf1 before ad11b872bc9b5d27e56183c6b01f9218c85395d2
affected

a06347c04c13e380afce0c9816df51f00b83faf1 before 98f49e693e02c1dafd5786be3468657840dd6f06
affected

a06347c04c13e380afce0c9816df51f00b83faf1 before 0a3664a1058d4b2b1ea2112cc275ca47fba7fc08
affected

a06347c04c13e380afce0c9816df51f00b83faf1 before 80be62358fa5507cefbaa067c7e6648401f2c3da
affected

a06347c04c13e380afce0c9816df51f00b83faf1 before 4357bbb921fe9e81d0fd9f70d669d1f177d8380e
affected

a06347c04c13e380afce0c9816df51f00b83faf1 before ce93f1afc05941a572f5a69e2ed4012af905a693
affected

a06347c04c13e380afce0c9816df51f00b83faf1 before 27824b2f98818215adc9661e563252c48dab1a13
affected

a06347c04c13e380afce0c9816df51f00b83faf1 before 11f180a5d62a51b484e9648f9b310e1bd50b1a57
affected

Default status
affected

4.4
affected

Any version before 4.4
unaffected

4.14.310
unaffected

4.19.278
unaffected

5.4.237
unaffected

5.10.175
unaffected

5.15.103
unaffected

6.1.20
unaffected

6.2.7
unaffected

6.3
unaffected

References

git.kernel.org/...c/ad11b872bc9b5d27e56183c6b01f9218c85395d2

git.kernel.org/...c/98f49e693e02c1dafd5786be3468657840dd6f06

git.kernel.org/...c/0a3664a1058d4b2b1ea2112cc275ca47fba7fc08

git.kernel.org/...c/80be62358fa5507cefbaa067c7e6648401f2c3da

git.kernel.org/...c/4357bbb921fe9e81d0fd9f70d669d1f177d8380e

git.kernel.org/...c/ce93f1afc05941a572f5a69e2ed4012af905a693

git.kernel.org/...c/27824b2f98818215adc9661e563252c48dab1a13

git.kernel.org/...c/11f180a5d62a51b484e9648f9b310e1bd50b1a57

cve.org (CVE-2023-53139)

nvd.nist.gov (CVE-2023-53139)

Download JSON