CVE-2023-53817
- Source
- https://cve.org/CVERecord?id=CVE-2023-53817
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53817.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2023-53817
- Downstream
- Related
- Published
- 2025-12-09T00:01:15.411Z
- Modified
- 2026-03-20T02:59:10.149846Z
- Summary
- crypto: lib/mpi - avoid null pointer deref in mpi_cmp_ui()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
crypto: lib/mpi - avoid null pointer deref in mpicmpui()
During NVMeTCP Authentication a controller can trigger a kernel oops by specifying the 8192 bit Diffie Hellman group and passing a correctly sized, but zeroed Diffie Hellamn value. mpicmpui() was detecting this if the second parameter was 0, but 1 is passed from dhispubkeyvalid(). This causes the null pointer u->d to be dereferenced towards the end of mpicmp_ui()
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53817.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/0fc7147c694394f8a8cbc19570c6bc918cac0906
- https://git.kernel.org/stable/c/12ac013ad7ff0df066451e825801d805095b3776
- https://git.kernel.org/stable/c/61f5453e9706e99713825594e0c8f9031485fb5f
- https://git.kernel.org/stable/c/67589d247909043e94d2dd5fb590958e0f99d58d
- https://git.kernel.org/stable/c/9e47a758b70167c9301d2b44d2569f86c7796f2d
- https://git.kernel.org/stable/c/ae63e84ffda74267bf7277c38415ba38389229a0
- https://git.kernel.org/stable/c/d3ad023a39f1127dcfd331c562673355dc078650
- https://git.kernel.org/stable/c/fde791e8a96a64ea7b0ad2440e43586447a209c6
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53817.json
- https://nvd.nist.gov/vuln/detail/CVE-2023-53817
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced12f008b6dc5ff1c822fdb2198d20e3dbdc92f3f5Fixedfde791e8a96a64ea7b0ad2440e43586447a209c6Fixedae63e84ffda74267bf7277c38415ba38389229a0Fixed61f5453e9706e99713825594e0c8f9031485fb5fFixed0fc7147c694394f8a8cbc19570c6bc918cac0906Fixed67589d247909043e94d2dd5fb590958e0f99d58dFixedd3ad023a39f1127dcfd331c562673355dc078650Fixed12ac013ad7ff0df066451e825801d805095b3776Fixed9e47a758b70167c9301d2b44d2569f86c7796f2d
Linux / Kernel
Package
- Name
- Kernel
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced3.7.0Fixed4.14.326
- Type
- ECOSYSTEM
- Events
-
Introduced4.15.0Fixed4.19.295
- Type
- ECOSYSTEM
- Events
-
Introduced4.20.0Fixed5.4.257
- Type
- ECOSYSTEM
- Events
-
Introduced5.5.0Fixed5.10.197
- Type
- ECOSYSTEM
- Events
-
Introduced5.11.0Fixed5.15.133
- Type
- ECOSYSTEM
- Events
-
Introduced5.16.0Fixed6.1.55
- Type
- ECOSYSTEM
- Events
-
Introduced6.2.0Fixed6.5.5