CVE-2023-53104

medium

Description

In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc75xx: Move packet length check to prevent kernel panic in skb_pull Packet length check needs to be located after size and align_count calculation to prevent kernel panic in skb_pull() in case rx_cmd_a & RX_CMD_A_RED evaluates to true.

References

https://git.kernel.org/stable/c/e0d07a3203c36d073af2177edfc6b070220a60cb

https://git.kernel.org/stable/c/89441504d66d116eb5ce58c132f58cdcca5b498a

https://git.kernel.org/stable/c/7bf0eac3fdd2d25f5c6ceab63e3e4902e274f7ee

https://git.kernel.org/stable/c/5c96eeba93980c5cef5176a4bac0ddb722fd57dc

https://git.kernel.org/stable/c/4caee8e7d91e4f06f21881726da9c1bb2cd6e4fa

https://git.kernel.org/stable/c/43ffe6caccc7a1bb9d7442fbab521efbf6c1378c

https://git.kernel.org/stable/c/2cc46ed406bb325f10a251b03d9a83ae67b3d3d8

https://git.kernel.org/stable/c/181e9db5caec4daae57a58675a1ceaa47348958f

Details

Source: Mitre, NVD

Published: 2025-05-02

Updated: 2025-05-02

Risk Information

CVSS v2

Base Score: 4.9

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium

EPSS

EPSS: 0.00024