CVE-2023-53840

Dec. 9, 2025, 6:37 p.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: usb: early: xhci-dbc: Fix a potential out-of-bound memory access If xdbc_bulk_write() fails, the values in 'buf' can be anything. So the string is not guaranteed to be NULL terminated when xdbc_trace() is called. Reserve an extra byte, which will be zeroed automatically because 'buf' is a static variable, in order to avoid troubles, should it happen.

Product(s) Impacted

Product Versions
kernel
  • *

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://git.kernel.org/stable/c/351c8d8650d1ccc006255fa01f98b6c6496a02e5
https://git.kernel.org/stable/c/a4a97ab3db5c081eb6e7dba91306adefb461e0bd
https://git.kernel.org/stable/c/df7c8aba7309f4dc55df94e06b67f576c0f52406
https://git.kernel.org/stable/c/e8fb0f13e45cf361fd06593d3cb2d89915cd3bd0

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2025-12-09
CVE-2023-53840

Timeline

Published: Dec. 9, 2025, 4:17 p.m.
Last Modified: Dec. 9, 2025, 6:37 p.m.

Status : Awaiting Analysis

CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.