CVE-2023-53847
BaseFortify

Publication date: 2025-12-09

Last updated on: 2025-12-09

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved:

usb-storage: alauda: Fix uninit-value in alauda_check_media()

Syzbot got KMSAN to complain about access to an uninitialized value in the alauda subdriver of usb-storage:

    BUG: KMSAN: uninit-value in alauda_transport+0x462/0x57f0 drivers/usb/storage/alauda.c:1137
    CPU: 0 PID: 12279 Comm: usb-storage Not tainted 5.3.0-rc7+ #0
    Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
    Call Trace:
     __dump_stack lib/dump_stack.c:77 [inline]
     dump_stack+0x191/0x1f0 lib/dump_stack.c:113
     kmsan_report+0x13a/0x2b0 mm/kmsan/kmsan_report.c:108
     __msan_warning+0x73/0xe0 mm/kmsan/kmsan_instr.c:250
     alauda_check_media+0x344/0x3310 drivers/usb/storage/alauda.c:460

The problem is that alauda_check_media() doesn't verify that its USB transfer succeeded before trying to use the received data. What should happen if the transfer fails isn't entirely clear, but a reasonably conservative approach is to pretend that no media is present.

A similar problem exists in a usb_stor_dbg() call in alauda_get_media_status(). In this case, when an error occurs the call is redundant, because usb_stor_ctrl_transfer() already will print a debugging message.

Finally, unrelated to the uninitialized memory access, is the fact that alauda_check_media() performs DMA to a buffer on the stack. Fortunately usb-storage provides a general purpose DMA-able buffer for uses like this. We'll use it instead.
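The unchecked-transfer pattern described above, as an added userspace illustration (not the kernel's code and not part of the original advisory). The mock transfer function, the status byte layout and all names are hypothetical; the caller's pre-filled buffer stands in for memory the failed transfer never wrote.

```c
#include <stdio.h>
#include <string.h>

/* Userspace model of the bug class; none of this is kernel code. */
enum xfer_result { XFER_GOOD, XFER_ERROR };
enum media_state { MEDIA_ABSENT, MEDIA_PRESENT };

/* Mock status transfer (hypothetical). On failure it writes nothing,
 * so the caller's buffer keeps whatever bytes it held before. */
static enum xfer_result mock_get_media_status(int device_fails,
                                              unsigned char *buf)
{
    static const unsigned char reply[2] = { 0x00, 0x01 }; /* constructed */

    if (device_fails)
        return XFER_ERROR;
    memcpy(buf, reply, sizeof(reply));
    return XFER_GOOD;
}

/* Hypothetical decoding: bit 0 of byte 1 set means media is inserted. */
static enum media_state decode_status(const unsigned char *status)
{
    return (status[1] & 0x01) ? MEDIA_PRESENT : MEDIA_ABSENT;
}

/* Before: the transfer result is dropped and the buffer is decoded anyway. */
enum media_state check_media_unchecked(int device_fails, unsigned char *status)
{
    (void)mock_get_media_status(device_fails, status);
    return decode_status(status);
}

/* After: a failed transfer is reported as "no media" without reading status. */
enum media_state check_media_checked(int device_fails, unsigned char *status)
{
    if (mock_get_media_status(device_fails, status) != XFER_GOOD)
        return MEDIA_ABSENT;
    return decode_status(status);
}

int main(void)
{
    unsigned char stale[2] = { 0xAA, 0xFF }; /* constructed leftover bytes */

    printf("unchecked, failed transfer: %d\n", check_media_unchecked(1, stale));
    printf("checked,   failed transfer: %d\n", check_media_checked(1, stale));
    return 0;
}
```

With the failed transfer, the unchecked variant derives "media present" from bytes the device never sent, while the checked variant falls back to "no media".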
Meta Information
Published: 2025-12-09
Last Modified: 2025-12-09
Generated: 2026-05-07
AI Q&A: 2025-12-09
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Showing 3 associated CPEs
Vendor    Product        Version / Range
linux     alauda         *
linux     usb-storage    *
linux     kernel         *
CWE ID: CWE-UNKNOWN
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is in the Linux kernel's usb-storage alauda subdriver. It occurs because the function alauda_check_media() does not verify whether a USB transfer succeeded before using the received data, leading to access of uninitialized memory. This can cause undefined behavior or system instability. Additionally, there is a redundant debug call in alauda_get_media_status() when errors occur, and the code improperly performs DMA to a stack buffer instead of a proper DMA-able buffer. The fix involves checking transfer success before using data and using a proper DMA buffer.


How can this vulnerability impact me?

The impact of this vulnerability could include system instability or crashes due to the use of uninitialized memory in the USB storage driver. It may also lead to unpredictable behavior when accessing USB storage devices using the alauda subdriver. The exact consequences are not fully detailed, but a conservative approach is to treat failed transfers as if no media is present, preventing further issues.


What immediate steps should I take to mitigate this vulnerability?

The vulnerability has been resolved by fixing the uninitialized value access in the alauda subdriver of usb-storage in the Linux kernel. Immediate mitigation involves updating your Linux kernel to a version that includes this fix. Since the issue is related to the usb-storage alauda driver, avoiding use of affected versions or applying the patch provided by the kernel maintainers is recommended.

