CVE-2023-53245 (GCVE-0-2023-53245)

Vulnerability from cvelistv5 – Published: 2025-09-15 14:46 – Updated: 2026-01-14 18:02
VLAI?
Title
scsi: storvsc: Fix handling of virtual Fibre Channel timeouts
Summary
In the Linux kernel, the following vulnerability has been resolved: scsi: storvsc: Fix handling of virtual Fibre Channel timeouts Hyper-V provides the ability to connect Fibre Channel LUNs to the host system and present them in a guest VM as a SCSI device. I/O to the vFC device is handled by the storvsc driver. The storvsc driver includes a partial integration with the FC transport implemented in the generic portion of the Linux SCSI subsystem so that FC attributes can be displayed in /sys. However, the partial integration means that some aspects of vFC don't work properly. Unfortunately, a full and correct integration isn't practical because of limitations in what Hyper-V provides to the guest. In particular, in the context of Hyper-V storvsc, the FC transport timeout function fc_eh_timed_out() causes a kernel panic because it can't find the rport and dereferences a NULL pointer. The original patch that added the call from storvsc_eh_timed_out() to fc_eh_timed_out() is faulty in this regard. In many cases a timeout is due to a transient condition, so the situation can be improved by just continuing to wait like with other I/O requests issued by storvsc, and avoiding the guaranteed panic. For a permanent failure, continuing to wait may result in a hung thread instead of a panic, which again may be better. So fix the panic by removing the storvsc call to fc_eh_timed_out(). This allows storvsc to keep waiting for a response. The change has been tested by users who experienced a panic in fc_eh_timed_out() due to transient timeouts, and it solves their problem. In the future we may want to deprecate the vFC functionality in storvsc since it can't be fully fixed. But it has current users for whom it is working well enough, so it should probably stay for a while longer.
Severity ?
5.5 (Medium)
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE
  • CWE-476 - NULL Pointer Dereference
Assigner
References
Impacted products
Vendor Product Version
Linux Linux Affected: 3930d7309807ba0bfa460dfa9ed68d5560347dd2 , < cd87f4df9865a53807001ed12c0f0420b14ececd (git)
Affected: 3930d7309807ba0bfa460dfa9ed68d5560347dd2 , < 311db605e07f0d4fc0cc7ddb74f1e5692ea2f469 (git)
Affected: 3930d7309807ba0bfa460dfa9ed68d5560347dd2 , < 048ebc9a28fb918ee635dd4b2fcf4248eb6e4050 (git)
Affected: 3930d7309807ba0bfa460dfa9ed68d5560347dd2 , < 1678408d08f31a694d5150a56796dd04c9710b22 (git)
Affected: 3930d7309807ba0bfa460dfa9ed68d5560347dd2 , < 7a792b3d888aab2c65389f9f4f9f2f6c000b1a0d (git)
Affected: 3930d7309807ba0bfa460dfa9ed68d5560347dd2 , < ed70fa5629a8b992a5372d7044d1db1f8fa6de29 (git)
Affected: 3930d7309807ba0bfa460dfa9ed68d5560347dd2 , < 763c06565055ae373fe7f89c11e1447bd1ded264 (git)
Affected: 3930d7309807ba0bfa460dfa9ed68d5560347dd2 , < 175544ad48cbf56affeef2a679c6a4d4fb1e2881 (git)
Create a notification for this product.
    Linux Linux Affected: 4.13
Unaffected: 0 , < 4.13 (semver)
Unaffected: 4.14.323 , ≤ 4.14.* (semver)
Unaffected: 4.19.292 , ≤ 4.19.* (semver)
Unaffected: 5.4.254 , ≤ 5.4.* (semver)
Unaffected: 5.10.191 , ≤ 5.10.* (semver)
Unaffected: 5.15.127 , ≤ 5.15.* (semver)
Unaffected: 6.1.46 , ≤ 6.1.* (semver)
Unaffected: 6.4.11 , ≤ 6.4.* (semver)
Unaffected: 6.5 , ≤ * (original_commit_for_fix)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-53245",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-14T17:58:58.916124Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-476",
                "description": "CWE-476 NULL Pointer Dereference",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-14T18:02:51.350Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/scsi/storvsc_drv.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "cd87f4df9865a53807001ed12c0f0420b14ececd",
              "status": "affected",
              "version": "3930d7309807ba0bfa460dfa9ed68d5560347dd2",
              "versionType": "git"
            },
            {
              "lessThan": "311db605e07f0d4fc0cc7ddb74f1e5692ea2f469",
              "status": "affected",
              "version": "3930d7309807ba0bfa460dfa9ed68d5560347dd2",
              "versionType": "git"
            },
            {
              "lessThan": "048ebc9a28fb918ee635dd4b2fcf4248eb6e4050",
              "status": "affected",
              "version": "3930d7309807ba0bfa460dfa9ed68d5560347dd2",
              "versionType": "git"
            },
            {
              "lessThan": "1678408d08f31a694d5150a56796dd04c9710b22",
              "status": "affected",
              "version": "3930d7309807ba0bfa460dfa9ed68d5560347dd2",
              "versionType": "git"
            },
            {
              "lessThan": "7a792b3d888aab2c65389f9f4f9f2f6c000b1a0d",
              "status": "affected",
              "version": "3930d7309807ba0bfa460dfa9ed68d5560347dd2",
              "versionType": "git"
            },
            {
              "lessThan": "ed70fa5629a8b992a5372d7044d1db1f8fa6de29",
              "status": "affected",
              "version": "3930d7309807ba0bfa460dfa9ed68d5560347dd2",
              "versionType": "git"
            },
            {
              "lessThan": "763c06565055ae373fe7f89c11e1447bd1ded264",
              "status": "affected",
              "version": "3930d7309807ba0bfa460dfa9ed68d5560347dd2",
              "versionType": "git"
            },
            {
              "lessThan": "175544ad48cbf56affeef2a679c6a4d4fb1e2881",
              "status": "affected",
              "version": "3930d7309807ba0bfa460dfa9ed68d5560347dd2",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/scsi/storvsc_drv.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.13"
            },
            {
              "lessThan": "4.13",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.323",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.292",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.254",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.191",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.127",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.46",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.4.*",
              "status": "unaffected",
              "version": "6.4.11",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.5",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.14.323",
                  "versionStartIncluding": "4.13",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.19.292",
                  "versionStartIncluding": "4.13",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.254",
                  "versionStartIncluding": "4.13",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.191",
                  "versionStartIncluding": "4.13",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.127",
                  "versionStartIncluding": "4.13",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.46",
                  "versionStartIncluding": "4.13",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.4.11",
                  "versionStartIncluding": "4.13",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.5",
                  "versionStartIncluding": "4.13",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: storvsc: Fix handling of virtual Fibre Channel timeouts\n\nHyper-V provides the ability to connect Fibre Channel LUNs to the host\nsystem and present them in a guest VM as a SCSI device. I/O to the vFC\ndevice is handled by the storvsc driver. The storvsc driver includes a\npartial integration with the FC transport implemented in the generic\nportion of the Linux SCSI subsystem so that FC attributes can be displayed\nin /sys.  However, the partial integration means that some aspects of vFC\ndon\u0027t work properly. Unfortunately, a full and correct integration isn\u0027t\npractical because of limitations in what Hyper-V provides to the guest.\n\nIn particular, in the context of Hyper-V storvsc, the FC transport timeout\nfunction fc_eh_timed_out() causes a kernel panic because it can\u0027t find the\nrport and dereferences a NULL pointer. The original patch that added the\ncall from storvsc_eh_timed_out() to fc_eh_timed_out() is faulty in this\nregard.\n\nIn many cases a timeout is due to a transient condition, so the situation\ncan be improved by just continuing to wait like with other I/O requests\nissued by storvsc, and avoiding the guaranteed panic. For a permanent\nfailure, continuing to wait may result in a hung thread instead of a panic,\nwhich again may be better.\n\nSo fix the panic by removing the storvsc call to fc_eh_timed_out().  This\nallows storvsc to keep waiting for a response.  The change has been tested\nby users who experienced a panic in fc_eh_timed_out() due to transient\ntimeouts, and it solves their problem.\n\nIn the future we may want to deprecate the vFC functionality in storvsc\nsince it can\u0027t be fully fixed. But it has current users for whom it is\nworking well enough, so it should probably stay for a while longer."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-09-15T14:46:14.280Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/cd87f4df9865a53807001ed12c0f0420b14ececd"
        },
        {
          "url": "https://git.kernel.org/stable/c/311db605e07f0d4fc0cc7ddb74f1e5692ea2f469"
        },
        {
          "url": "https://git.kernel.org/stable/c/048ebc9a28fb918ee635dd4b2fcf4248eb6e4050"
        },
        {
          "url": "https://git.kernel.org/stable/c/1678408d08f31a694d5150a56796dd04c9710b22"
        },
        {
          "url": "https://git.kernel.org/stable/c/7a792b3d888aab2c65389f9f4f9f2f6c000b1a0d"
        },
        {
          "url": "https://git.kernel.org/stable/c/ed70fa5629a8b992a5372d7044d1db1f8fa6de29"
        },
        {
          "url": "https://git.kernel.org/stable/c/763c06565055ae373fe7f89c11e1447bd1ded264"
        },
        {
          "url": "https://git.kernel.org/stable/c/175544ad48cbf56affeef2a679c6a4d4fb1e2881"
        }
      ],
      "title": "scsi: storvsc: Fix handling of virtual Fibre Channel timeouts",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-53245",
    "datePublished": "2025-09-15T14:46:14.280Z",
    "dateReserved": "2025-09-15T14:19:21.848Z",
    "dateUpdated": "2026-01-14T18:02:51.350Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.5, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-53245\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-01-14T17:58:58.916124Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-476\", \"description\": \"CWE-476 NULL Pointer Dereference\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-01-14T17:58:54.788Z\"}}], \"cna\": {\"title\": \"scsi: storvsc: Fix handling of virtual Fibre Channel timeouts\", \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"3930d7309807ba0bfa460dfa9ed68d5560347dd2\", \"lessThan\": \"cd87f4df9865a53807001ed12c0f0420b14ececd\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"3930d7309807ba0bfa460dfa9ed68d5560347dd2\", \"lessThan\": \"311db605e07f0d4fc0cc7ddb74f1e5692ea2f469\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"3930d7309807ba0bfa460dfa9ed68d5560347dd2\", \"lessThan\": \"048ebc9a28fb918ee635dd4b2fcf4248eb6e4050\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"3930d7309807ba0bfa460dfa9ed68d5560347dd2\", \"lessThan\": \"1678408d08f31a694d5150a56796dd04c9710b22\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"3930d7309807ba0bfa460dfa9ed68d5560347dd2\", \"lessThan\": \"7a792b3d888aab2c65389f9f4f9f2f6c000b1a0d\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"3930d7309807ba0bfa460dfa9ed68d5560347dd2\", \"lessThan\": \"ed70fa5629a8b992a5372d7044d1db1f8fa6de29\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"3930d7309807ba0bfa460dfa9ed68d5560347dd2\", \"lessThan\": \"763c06565055ae373fe7f89c11e1447bd1ded264\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"3930d7309807ba0bfa460dfa9ed68d5560347dd2\", \"lessThan\": \"175544ad48cbf56affeef2a679c6a4d4fb1e2881\", \"versionType\": \"git\"}], \"programFiles\": [\"drivers/scsi/storvsc_drv.c\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.13\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"4.13\", \"versionType\": \"semver\"}, {\"status\": \"unaffected\", \"version\": \"4.14.323\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"4.14.*\"}, {\"status\": \"unaffected\", \"version\": \"4.19.292\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"4.19.*\"}, {\"status\": \"unaffected\", \"version\": \"5.4.254\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.4.*\"}, {\"status\": \"unaffected\", \"version\": \"5.10.191\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.10.*\"}, {\"status\": \"unaffected\", \"version\": \"5.15.127\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.15.*\"}, {\"status\": \"unaffected\", \"version\": \"6.1.46\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.1.*\"}, {\"status\": \"unaffected\", \"version\": \"6.4.11\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.4.*\"}, {\"status\": \"unaffected\", \"version\": \"6.5\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"drivers/scsi/storvsc_drv.c\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/cd87f4df9865a53807001ed12c0f0420b14ececd\"}, {\"url\": \"https://git.kernel.org/stable/c/311db605e07f0d4fc0cc7ddb74f1e5692ea2f469\"}, {\"url\": \"https://git.kernel.org/stable/c/048ebc9a28fb918ee635dd4b2fcf4248eb6e4050\"}, {\"url\": \"https://git.kernel.org/stable/c/1678408d08f31a694d5150a56796dd04c9710b22\"}, {\"url\": \"https://git.kernel.org/stable/c/7a792b3d888aab2c65389f9f4f9f2f6c000b1a0d\"}, {\"url\": \"https://git.kernel.org/stable/c/ed70fa5629a8b992a5372d7044d1db1f8fa6de29\"}, {\"url\": \"https://git.kernel.org/stable/c/763c06565055ae373fe7f89c11e1447bd1ded264\"}, {\"url\": \"https://git.kernel.org/stable/c/175544ad48cbf56affeef2a679c6a4d4fb1e2881\"}], \"x_generator\": {\"engine\": \"bippy-1.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nscsi: storvsc: Fix handling of virtual Fibre Channel timeouts\\n\\nHyper-V provides the ability to connect Fibre Channel LUNs to the host\\nsystem and present them in a guest VM as a SCSI device. I/O to the vFC\\ndevice is handled by the storvsc driver. The storvsc driver includes a\\npartial integration with the FC transport implemented in the generic\\nportion of the Linux SCSI subsystem so that FC attributes can be displayed\\nin /sys.  However, the partial integration means that some aspects of vFC\\ndon\u0027t work properly. Unfortunately, a full and correct integration isn\u0027t\\npractical because of limitations in what Hyper-V provides to the guest.\\n\\nIn particular, in the context of Hyper-V storvsc, the FC transport timeout\\nfunction fc_eh_timed_out() causes a kernel panic because it can\u0027t find the\\nrport and dereferences a NULL pointer. The original patch that added the\\ncall from storvsc_eh_timed_out() to fc_eh_timed_out() is faulty in this\\nregard.\\n\\nIn many cases a timeout is due to a transient condition, so the situation\\ncan be improved by just continuing to wait like with other I/O requests\\nissued by storvsc, and avoiding the guaranteed panic. For a permanent\\nfailure, continuing to wait may result in a hung thread instead of a panic,\\nwhich again may be better.\\n\\nSo fix the panic by removing the storvsc call to fc_eh_timed_out().  This\\nallows storvsc to keep waiting for a response.  The change has been tested\\nby users who experienced a panic in fc_eh_timed_out() due to transient\\ntimeouts, and it solves their problem.\\n\\nIn the future we may want to deprecate the vFC functionality in storvsc\\nsince it can\u0027t be fully fixed. But it has current users for whom it is\\nworking well enough, so it should probably stay for a while longer.\"}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"4.14.323\", \"versionStartIncluding\": \"4.13\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"4.19.292\", \"versionStartIncluding\": \"4.13\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.4.254\", \"versionStartIncluding\": \"4.13\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.10.191\", \"versionStartIncluding\": \"4.13\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.15.127\", \"versionStartIncluding\": \"4.13\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.1.46\", \"versionStartIncluding\": \"4.13\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.4.11\", \"versionStartIncluding\": \"4.13\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.5\", \"versionStartIncluding\": \"4.13\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2025-09-15T14:46:14.280Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2023-53245\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-01-14T18:02:51.350Z\", \"dateReserved\": \"2025-09-15T14:19:21.848Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2025-09-15T14:46:14.280Z\", \"assignerShortName\": \"Linux\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.