CVE-2023-53476
- Source
- https://cve.org/CVERecord?id=CVE-2023-53476
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53476.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2023-53476
- Downstream
- Related
- Published
- 2025-10-01T11:42:45.499Z
- Modified
- 2026-03-20T12:33:10.773620Z
- Summary
- iw_cxgb4: Fix potential NULL dereference in c4iw_fill_res_cm_id_entry()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
iwcxgb4: Fix potential NULL dereference in c4iwfillrescmidentry()
This condition needs to match the previous "if (epcp->state == LISTEN) {" exactly to avoid a NULL dereference of either "listen_ep" or "ep". The problem is that "epcp" has been re-assigned so just testing "if (epcp->state == LISTEN) {" a second time is not sufficient.
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53476.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/stable/c/24278dc380aab6a1aef0a75317f57ad4c2453cf6
- https://git.kernel.org/stable/c/4ca446b127c568b59cb8d9748b6f70499624bb18
- https://git.kernel.org/stable/c/76e0396313c79ecd0df44ee3c18745cfac52b3e6
- https://git.kernel.org/stable/c/dd55240e4364d64befcc575b0d33091881524f42
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53476.json
- https://nvd.nist.gov/vuln/detail/CVE-2023-53476
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced116aeb8873712ea559d26b0d9d88147af5c88db5Fixed76e0396313c79ecd0df44ee3c18745cfac52b3e6Fixed24278dc380aab6a1aef0a75317f57ad4c2453cf6Fixeddd55240e4364d64befcc575b0d33091881524f42Fixed4ca446b127c568b59cb8d9748b6f70499624bb18