CVE-2023-53458
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-10-01

Last updated on: 2025-10-02

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: media: cx23885: Fix a null-ptr-deref bug in buffer_prepare() and buffer_finish() When the driver calls cx23885_risc_buffer() to prepare the buffer, the function call dma_alloc_coherent may fail, resulting in a empty buffer risc->cpu. Later when we free the buffer or access the buffer, null ptr deref is triggered. This bug is similar to the following one: https://git.linuxtv.org/media_stage.git/commit/?id=2b064d91440b33fba5b452f2d1b31f13ae911d71. We believe the bug can be also dynamically triggered from user side. Similarly, we fix this by checking the return value of cx23885_risc_buffer() and the value of risc->cpu before buffer free.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-01
Last Modified
2025-10-02
Generated
2026-06-16
AI Q&A
2025-10-01
EPSS Evaluated
2026-06-14
NVD
CVE-2023-53458
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel From 5.15.160 (inc) to 5.16 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a null pointer dereference bug in the Linux kernel's cx23885 media driver. It occurs when the driver calls cx23885_risc_buffer() to prepare a buffer, and the dma_alloc_coherent function fails, resulting in an empty buffer pointer (risc->cpu). Later, when the buffer is accessed or freed, this null pointer dereference can cause a crash or other unintended behavior. The issue can potentially be triggered dynamically by a user and is fixed by adding checks for the return value of cx23885_risc_buffer() and the risc->cpu pointer before freeing the buffer.

Impact Analysis

This vulnerability can cause the system to crash or behave unexpectedly due to a null pointer dereference in the kernel driver. If exploited, it may lead to denial of service by crashing the kernel or causing instability in the media subsystem. Since it can be triggered dynamically from the user side, it could be used by an attacker to disrupt system operations.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2023-53458. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart