Home

Description

In the Linux kernel, the following vulnerability has been resolved: usb: early: xhci-dbc: Fix a potential out-of-bound memory access If xdbc_bulk_write() fails, the values in 'buf' can be anything. So the string is not guaranteed to be NULL terminated when xdbc_trace() is called. Reserve an extra byte, which will be zeroed automatically because 'buf' is a static variable, in order to avoid troubles, should it happen.

PUBLISHED Reserved 2025-12-09 | Published 2025-12-09 | Updated 2025-12-09 | Assigner Linux

Product status

Default status
unaffected

aeb9dd1de98c1a5f2007ea5d2a154c1244caf8a0 (git) before e8fb0f13e45cf361fd06593d3cb2d89915cd3bd0
affected

aeb9dd1de98c1a5f2007ea5d2a154c1244caf8a0 (git) before 351c8d8650d1ccc006255fa01f98b6c6496a02e5
affected

aeb9dd1de98c1a5f2007ea5d2a154c1244caf8a0 (git) before df7c8aba7309f4dc55df94e06b67f576c0f52406
affected

aeb9dd1de98c1a5f2007ea5d2a154c1244caf8a0 (git) before a4a97ab3db5c081eb6e7dba91306adefb461e0bd
affected

Default status
affected

4.12
affected

Any version before 4.12
unaffected

5.15.99 (semver)
unaffected

6.1.16 (semver)
unaffected

6.2.3 (semver)
unaffected

6.3 (original_commit_for_fix)
unaffected

References

git.kernel.org/...c/e8fb0f13e45cf361fd06593d3cb2d89915cd3bd0

git.kernel.org/...c/351c8d8650d1ccc006255fa01f98b6c6496a02e5

git.kernel.org/...c/df7c8aba7309f4dc55df94e06b67f576c0f52406

git.kernel.org/...c/a4a97ab3db5c081eb6e7dba91306adefb461e0bd

cve.org (CVE-2023-53840)

nvd.nist.gov (CVE-2023-53840)

Download JSON