Vulnerability-Lookup

BDU:2026-01235

Vulnerability from fstec - Published: 19.07.2023

Title

Уязвимость функции anysee_master_xfer() модуля drivers/media/usb/dvb-usb-v2/anysee.c драйвера мультимедийных устройств USB ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

Description

Уязвимость функции anysee_master_xfer() модуля drivers/media/usb/dvb-usb-v2/anysee.c драйвера мультимедийных устройств USB ядра операционной системы Linux связана с разыменованием указателей. Эксплуатация уязвимости может позволить нарушителю вызвать отказ в обслуживании

Severity ?


                    
                      AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Vendor

Red Hat Inc., Сообщество свободного программного обеспечения

Software Name

Red Hat Enterprise Linux, Debian GNU/Linux, Linux

Software Version

7 (Red Hat Enterprise Linux), 8 (Red Hat Enterprise Linux), 11 (Debian GNU/Linux), 12 (Debian GNU/Linux), 9 (Red Hat Enterprise Linux), от 4.20 до 5.4.256 включительно (Linux), от 4.15 до 4.19.294 включительно (Linux), от 5.5 до 5.10.196 включительно (Linux), от 5.11 до 5.15.132 включительно (Linux), от 5.16 до 6.1.54 включительно (Linux), от 6.2 до 6.5.4 включительно (Linux), от 2.6.27 до 4.14.325 включительно (Linux)

Possible Mitigations

В условиях отсутствия обновлений безопасности от производителя рекомендуется придерживаться "Рекомендаций по безопасной настройке операционных систем LINUX", изложенных в методическом документе ФСТЭК России, утверждённом 25 декабря 2022 года. Использование рекомендаций: Для Linux: https://lore.kernel.org/linux-cve-announce/2025122407-CVE-2023-54093-fcea@gregkh/ https://git.kernel.org/stable/c/73c0b224ceeba12dee2a7a8cbc147648da0b2e63 https://git.kernel.org/stable/c/e04affec2506ff5c12a18d78d7e694b3556a8982 https://git.kernel.org/stable/c/8dc5b370254abc10f0cb4141d90cecf7ce465472 https://git.kernel.org/stable/c/4a9763d2bc4a6d6fab42555b9c0b2eefa32585ac https://git.kernel.org/stable/c/3dd5846a873938ec7b6d404ec27662942cd8f2ef https://git.kernel.org/stable/c/14b94154a72388b57221a2a73795c0ea61a95373 https://git.kernel.org/stable/c/5975dbbb7ad0767eaabd15d2c37a739ac76acb00 https://git.kernel.org/stable/c/c30411266fd67ea3c02a05c157231654d5a3bdc9 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.326 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.295 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.257 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.197 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.133 https://kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.55 https://kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.5.5 Для Debian GNU/Linux: https://security-tracker.debian.org/tracker/CVE-2023-54093 Для продуктов Red Hat Inc.: https://access.redhat.com/security/cve/cve-2023-54093

Reference

https://lore.kernel.org/linux-cve-announce/2025122407-CVE-2023-54093-fcea@gregkh/ https://git.kernel.org/stable/c/73c0b224ceeba12dee2a7a8cbc147648da0b2e63 https://git.kernel.org/stable/c/e04affec2506ff5c12a18d78d7e694b3556a8982 https://git.kernel.org/stable/c/8dc5b370254abc10f0cb4141d90cecf7ce465472 https://git.kernel.org/stable/c/4a9763d2bc4a6d6fab42555b9c0b2eefa32585ac https://git.kernel.org/stable/c/3dd5846a873938ec7b6d404ec27662942cd8f2ef https://git.kernel.org/stable/c/14b94154a72388b57221a2a73795c0ea61a95373 https://git.kernel.org/stable/c/5975dbbb7ad0767eaabd15d2c37a739ac76acb00 https://git.kernel.org/stable/c/c30411266fd67ea3c02a05c157231654d5a3bdc9 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.326 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.295 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.257 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.197 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.133 https://kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.55 https://kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.5.5 https://security-tracker.debian.org/tracker/CVE-2023-54093 https://access.redhat.com/security/cve/cve-2023-54093

CWE

CWE-476

JSON

To clipboard

{
  "CVSS 2.0": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
  "CVSS 3.0": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Red Hat Inc., \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "7 (Red Hat Enterprise Linux), 8 (Red Hat Enterprise Linux), 11 (Debian GNU/Linux), 12 (Debian GNU/Linux), 9 (Red Hat Enterprise Linux), \u043e\u0442 4.20 \u0434\u043e 5.4.256 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 4.15 \u0434\u043e 4.19.294 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 5.5 \u0434\u043e 5.10.196 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 5.11 \u0434\u043e 5.15.132 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 5.16 \u0434\u043e 6.1.54 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 6.2 \u0434\u043e 6.5.4 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 2.6.27 \u0434\u043e 4.14.325 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0412 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043e\u0442 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u0438\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0442\u044c\u0441\u044f \"\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0435 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c LINUX\", \u0438\u0437\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u0445 \u0432 \u043c\u0435\u0442\u043e\u0434\u0438\u0447\u0435\u0441\u043a\u043e\u043c \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0435 \u0424\u0421\u0422\u042d\u041a \u0420\u043e\u0441\u0441\u0438\u0438, \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0451\u043d\u043d\u043e\u043c 25 \u0434\u0435\u043a\u0430\u0431\u0440\u044f 2022 \u0433\u043e\u0434\u0430.\n\n\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\n\u0414\u043b\u044f Linux:\nhttps://lore.kernel.org/linux-cve-announce/2025122407-CVE-2023-54093-fcea@gregkh/\nhttps://git.kernel.org/stable/c/73c0b224ceeba12dee2a7a8cbc147648da0b2e63\nhttps://git.kernel.org/stable/c/e04affec2506ff5c12a18d78d7e694b3556a8982\nhttps://git.kernel.org/stable/c/8dc5b370254abc10f0cb4141d90cecf7ce465472\nhttps://git.kernel.org/stable/c/4a9763d2bc4a6d6fab42555b9c0b2eefa32585ac\nhttps://git.kernel.org/stable/c/3dd5846a873938ec7b6d404ec27662942cd8f2ef\nhttps://git.kernel.org/stable/c/14b94154a72388b57221a2a73795c0ea61a95373\nhttps://git.kernel.org/stable/c/5975dbbb7ad0767eaabd15d2c37a739ac76acb00\nhttps://git.kernel.org/stable/c/c30411266fd67ea3c02a05c157231654d5a3bdc9\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.326\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.295\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.257\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.197\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.133\nhttps://kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.55\nhttps://kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.5.5\n\n\u0414\u043b\u044f Debian GNU/Linux:\nhttps://security-tracker.debian.org/tracker/CVE-2023-54093\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Red Hat Inc.:\nhttps://access.redhat.com/security/cve/cve-2023-54093",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "19.07.2023",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "05.02.2026",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "05.02.2026",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2026-01235",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2023-54093",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Red Hat Enterprise Linux, Debian GNU/Linux, Linux",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Red Hat Inc. Red Hat Enterprise Linux 7 , Red Hat Inc. Red Hat Enterprise Linux 8 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 11 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 12 , Red Hat Inc. Red Hat Enterprise Linux 9 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 4.20 \u0434\u043e 5.4.256 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 4.15 \u0434\u043e 4.19.294 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 5.5 \u0434\u043e 5.10.196 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 5.11 \u0434\u043e 5.15.132 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 5.16 \u0434\u043e 6.1.54 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 6.2 \u0434\u043e 6.5.4 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 2.6.27 \u0434\u043e 4.14.325 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e ",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 anysee_master_xfer() \u043c\u043e\u0434\u0443\u043b\u044f drivers/media/usb/dvb-usb-v2/anysee.c \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 \u043c\u0443\u043b\u044c\u0442\u0438\u043c\u0435\u0434\u0438\u0439\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 USB \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0420\u0430\u0437\u044b\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044f NULL (CWE-476)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 anysee_master_xfer() \u043c\u043e\u0434\u0443\u043b\u044f drivers/media/usb/dvb-usb-v2/anysee.c \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 \u043c\u0443\u043b\u044c\u0442\u0438\u043c\u0435\u0434\u0438\u0439\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 USB \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0440\u0430\u0437\u044b\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0443\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u0435\u0439. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://lore.kernel.org/linux-cve-announce/2025122407-CVE-2023-54093-fcea@gregkh/\nhttps://git.kernel.org/stable/c/73c0b224ceeba12dee2a7a8cbc147648da0b2e63\nhttps://git.kernel.org/stable/c/e04affec2506ff5c12a18d78d7e694b3556a8982\nhttps://git.kernel.org/stable/c/8dc5b370254abc10f0cb4141d90cecf7ce465472\nhttps://git.kernel.org/stable/c/4a9763d2bc4a6d6fab42555b9c0b2eefa32585ac\nhttps://git.kernel.org/stable/c/3dd5846a873938ec7b6d404ec27662942cd8f2ef\nhttps://git.kernel.org/stable/c/14b94154a72388b57221a2a73795c0ea61a95373\nhttps://git.kernel.org/stable/c/5975dbbb7ad0767eaabd15d2c37a739ac76acb00\nhttps://git.kernel.org/stable/c/c30411266fd67ea3c02a05c157231654d5a3bdc9\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.326\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.295\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.257\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.197\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.133\nhttps://kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.55\nhttps://kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.5.5\nhttps://security-tracker.debian.org/tracker/CVE-2023-54093\nhttps://access.redhat.com/security/cve/cve-2023-54093",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-476",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 4,6)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.1 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,5)"
}

CVE-2023-54093 (GCVE-0-2023-54093)

Vulnerability from cvelistv5 – Published: 2025-12-24 13:06 – Updated: 2026-01-05 10:33

Title

media: anysee: fix null-ptr-deref in anysee_master_xfer

Summary

In the Linux kernel, the following vulnerability has been resolved: media: anysee: fix null-ptr-deref in anysee_master_xfer In anysee_master_xfer, msg is controlled by user. When msg[i].buf is null and msg[i].len is zero, former checks on msg[i].buf would be passed. Malicious data finally reach anysee_master_xfer. If accessing msg[i].buf[0] without sanity check, null ptr deref would happen. We add check on msg[i].len to prevent crash. Similar commit: commit 0ed554fd769a ("media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()") [hverkuil: add spaces around +]

Severity ?

No CVSS data available.

Assigner

Linux

References

URL

Tags

	https://git.kernel.org/stable/c/73c0b224ceeba12de…
	https://git.kernel.org/stable/c/e04affec2506ff5c1…
	https://git.kernel.org/stable/c/8dc5b370254abc10f…
	https://git.kernel.org/stable/c/4a9763d2bc4a6d6fa…
	https://git.kernel.org/stable/c/3dd5846a873938ec7…
	https://git.kernel.org/stable/c/14b94154a72388b57…
	https://git.kernel.org/stable/c/5975dbbb7ad0767ea…
	https://git.kernel.org/stable/c/c30411266fd67ea3c…

Impacted products

Vendor

Product

Version

Linux

Affected: a51e34dd6080d8d5c9e95a4e0292cd4cb889a61b , < 73c0b224ceeba12dee2a7a8cbc147648da0b2e63 (git)
Affected: a51e34dd6080d8d5c9e95a4e0292cd4cb889a61b , < e04affec2506ff5c12a18d78d7e694b3556a8982 (git)
Affected: a51e34dd6080d8d5c9e95a4e0292cd4cb889a61b , < 8dc5b370254abc10f0cb4141d90cecf7ce465472 (git)
Affected: a51e34dd6080d8d5c9e95a4e0292cd4cb889a61b , < 4a9763d2bc4a6d6fab42555b9c0b2eefa32585ac (git)
Affected: a51e34dd6080d8d5c9e95a4e0292cd4cb889a61b , < 3dd5846a873938ec7b6d404ec27662942cd8f2ef (git)
Affected: a51e34dd6080d8d5c9e95a4e0292cd4cb889a61b , < 14b94154a72388b57221a2a73795c0ea61a95373 (git)
Affected: a51e34dd6080d8d5c9e95a4e0292cd4cb889a61b , < 5975dbbb7ad0767eaabd15d2c37a739ac76acb00 (git)
Affected: a51e34dd6080d8d5c9e95a4e0292cd4cb889a61b , < c30411266fd67ea3c02a05c157231654d5a3bdc9 (git)

Linux

Affected: 2.6.27
Unaffected: 0 , < 2.6.27 (semver)
Unaffected: 4.14.326 , ≤ 4.14.* (semver)
Unaffected: 4.19.295 , ≤ 4.19.* (semver)
Unaffected: 5.4.257 , ≤ 5.4.* (semver)
Unaffected: 5.10.197 , ≤ 5.10.* (semver)
Unaffected: 5.15.133 , ≤ 5.15.* (semver)
Unaffected: 6.1.55 , ≤ 6.1.* (semver)
Unaffected: 6.5.5 , ≤ 6.5.* (semver)
Unaffected: 6.6 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/media/usb/dvb-usb-v2/anysee.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "73c0b224ceeba12dee2a7a8cbc147648da0b2e63",
              "status": "affected",
              "version": "a51e34dd6080d8d5c9e95a4e0292cd4cb889a61b",
              "versionType": "git"
            },
            {
              "lessThan": "e04affec2506ff5c12a18d78d7e694b3556a8982",
              "status": "affected",
              "version": "a51e34dd6080d8d5c9e95a4e0292cd4cb889a61b",
              "versionType": "git"
            },
            {
              "lessThan": "8dc5b370254abc10f0cb4141d90cecf7ce465472",
              "status": "affected",
              "version": "a51e34dd6080d8d5c9e95a4e0292cd4cb889a61b",
              "versionType": "git"
            },
            {
              "lessThan": "4a9763d2bc4a6d6fab42555b9c0b2eefa32585ac",
              "status": "affected",
              "version": "a51e34dd6080d8d5c9e95a4e0292cd4cb889a61b",
              "versionType": "git"
            },
            {
              "lessThan": "3dd5846a873938ec7b6d404ec27662942cd8f2ef",
              "status": "affected",
              "version": "a51e34dd6080d8d5c9e95a4e0292cd4cb889a61b",
              "versionType": "git"
            },
            {
              "lessThan": "14b94154a72388b57221a2a73795c0ea61a95373",
              "status": "affected",
              "version": "a51e34dd6080d8d5c9e95a4e0292cd4cb889a61b",
              "versionType": "git"
            },
            {
              "lessThan": "5975dbbb7ad0767eaabd15d2c37a739ac76acb00",
              "status": "affected",
              "version": "a51e34dd6080d8d5c9e95a4e0292cd4cb889a61b",
              "versionType": "git"
            },
            {
              "lessThan": "c30411266fd67ea3c02a05c157231654d5a3bdc9",
              "status": "affected",
              "version": "a51e34dd6080d8d5c9e95a4e0292cd4cb889a61b",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/media/usb/dvb-usb-v2/anysee.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "2.6.27"
            },
            {
              "lessThan": "2.6.27",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.326",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.295",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.257",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.197",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.133",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.55",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.5",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.6",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.14.326",
                  "versionStartIncluding": "2.6.27",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.19.295",
                  "versionStartIncluding": "2.6.27",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.257",
                  "versionStartIncluding": "2.6.27",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.197",
                  "versionStartIncluding": "2.6.27",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.133",
                  "versionStartIncluding": "2.6.27",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.55",
                  "versionStartIncluding": "2.6.27",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.5.5",
                  "versionStartIncluding": "2.6.27",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6",
                  "versionStartIncluding": "2.6.27",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: anysee: fix null-ptr-deref in anysee_master_xfer\n\nIn anysee_master_xfer, msg is controlled by user. When msg[i].buf\nis null and msg[i].len is zero, former checks on msg[i].buf would be\npassed. Malicious data finally reach anysee_master_xfer. If accessing\nmsg[i].buf[0] without sanity check, null ptr deref would happen.\nWe add check on msg[i].len to prevent crash.\n\nSimilar commit:\ncommit 0ed554fd769a\n(\"media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()\")\n\n[hverkuil: add spaces around +]"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-05T10:33:43.446Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/73c0b224ceeba12dee2a7a8cbc147648da0b2e63"
        },
        {
          "url": "https://git.kernel.org/stable/c/e04affec2506ff5c12a18d78d7e694b3556a8982"
        },
        {
          "url": "https://git.kernel.org/stable/c/8dc5b370254abc10f0cb4141d90cecf7ce465472"
        },
        {
          "url": "https://git.kernel.org/stable/c/4a9763d2bc4a6d6fab42555b9c0b2eefa32585ac"
        },
        {
          "url": "https://git.kernel.org/stable/c/3dd5846a873938ec7b6d404ec27662942cd8f2ef"
        },
        {
          "url": "https://git.kernel.org/stable/c/14b94154a72388b57221a2a73795c0ea61a95373"
        },
        {
          "url": "https://git.kernel.org/stable/c/5975dbbb7ad0767eaabd15d2c37a739ac76acb00"
        },
        {
          "url": "https://git.kernel.org/stable/c/c30411266fd67ea3c02a05c157231654d5a3bdc9"
        }
      ],
      "title": "media: anysee: fix null-ptr-deref in anysee_master_xfer",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-54093",
    "datePublished": "2025-12-24T13:06:21.774Z",
    "dateReserved": "2025-12-24T13:02:52.516Z",
    "dateUpdated": "2026-01-05T10:33:43.446Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

BDU:2026-01235

CVE-2023-54093 (GCVE-0-2023-54093)

Tags

Sightings

Nomenclature