CVE-2023-53400

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2023-53400
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53400.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2023-53400
Downstream
Related
Published
2025-09-18T13:33:40.338Z
Modified
2026-03-09T23:51:29.706123Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
ALSA: hda: Fix Oops by 9.1 surround channel names
Details

In the Linux kernel, the following vulnerability has been resolved:

ALSA: hda: Fix Oops by 9.1 surround channel names

getlineout_pfx() may trigger an Oops by overflowing the static array with more than 8 channels. This was reported for MacBookPro 12,1 with Cirrus codec.

As a workaround, extend for the 9.1 channels and also fix the potential Oops by unifying the code paths accessing the same array with the proper size check.

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53400.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
247d85ee068610c50d66ee0cd3130e02c69f5f2e
Fixed
082dcd51667b29097500c824c37f24da997a6a8a
Fixed
b5694aae4c2d9a288bafce7d38f122769e0428e6
Fixed
4ef155ddf9578bf035964d58739fdcd7dd44b4a4
Fixed
546b1f5f45a355ae0d3a8041cdaca597dfcac825
Fixed
e8c7d7c43d5edd20e518fe1dfb2371d1fe6e8bb8
Fixed
dc8c569d59f17b17d7bca4f68c36bd571659921e
Fixed
fcf637461019e9a5a0c12fc5c42a9db1779b0634
Fixed
3b44ec8c5c44790a82f07e90db45643c762878c6

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53400.json"