CVE-2023-53465
- Source
- https://cve.org/CVERecord?id=CVE-2023-53465
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53465.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2023-53465
- Downstream
- Related
- Published
- 2025-10-01T11:42:36.007Z
- Modified
- 2026-03-20T12:33:10.653696Z
- Summary
- soundwire: qcom: fix storing port config out-of-bounds
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
soundwire: qcom: fix storing port config out-of-bounds
The 'qcomswrmctrl->pconfig' has size of QCOMSDWMAXPORTS (14), however we index it starting from 1, not 0, to match real port numbers. This can lead to writing port config past 'pconfig' bounds and overwriting next member of 'qcomswrm_ctrl' struct. Reported also by smatch:
drivers/soundwire/qcom.c:1269 qcomswrmgetportconfig() error: buffer overflow 'ctrl->pconfig' 14 <= 14
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53465.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/stable/c/20f7c4d51c94abb1a1a7c21900db4fb5afe5c8ff
- https://git.kernel.org/stable/c/32eb67d7360d48c15883e0d21b29c0aab9da022e
- https://git.kernel.org/stable/c/490937d479abe5f6584e69b96df066bc87be92e9
- https://git.kernel.org/stable/c/801daff0078087b5df9145c9f5e643c28129734b
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53465.json
- https://nvd.nist.gov/vuln/detail/CVE-2023-53465
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced9916c02ccd74e672b62dd1a9017ac2f237ebf512Fixed20f7c4d51c94abb1a1a7c21900db4fb5afe5c8ffFixed801daff0078087b5df9145c9f5e643c28129734bFixed32eb67d7360d48c15883e0d21b29c0aab9da022eFixed490937d479abe5f6584e69b96df066bc87be92e9