CVE-2023-53675 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved:

scsi: ses: Fix possible desc_ptr out-of-bounds accesses

Sanitize possible desc_ptr out-of-bounds accesses in
ses_enclosure_data_process().

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

No data.

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://git.kernel.org/stable/c/414418abc19fa4ccf730d273061a426c07a061d6
https://git.kernel.org/stable/c/4b8cae410472653a59e15af62c57c49b8e0a1201
https://git.kernel.org/stable/c/584892fd29a41ef424a148118a3103b16b94fb8c
https://git.kernel.org/stable/c/72021ae61a2bc6ca73cd593e255a10ed5f5dc5e7
https://git.kernel.org/stable/c/79ec5dd5fb07ecaea2f978c2d7a9f2f3526e4d19
https://git.kernel.org/stable/c/801ab13d50cf3d26170ee073ea8bb4eececb76ab
https://git.kernel.org/stable/c/c315560e3ef77c1d822249f1743e647dc9c9912a
https://git.kernel.org/stable/c/cffe09ca0555e235a42d6fa065e463c4b3d5b657
https://lore.kernel.org/linux-cve-announce/2025100707-CVE-2023-53675-e7ac@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2023-53675
https://www.cve.org/CVERecord?id=CVE-2023-53675

History

Wed, 08 Oct 2025 00:15:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2025100707-CVE-2023-53675-e7ac@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2023-53675 https://www.cve.org/CVERecord?id=CVE-2023-53675
Metrics	threat_severity `None`	cvssV3_1 `{'score': 7.0, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H'}` threat_severity `Moderate`

Tue, 07 Oct 2025 15:30:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Fix possible desc_ptr out-of-bounds accesses Sanitize possible desc_ptr out-of-bounds accesses in ses_enclosure_data_process().
Title		scsi: ses: Fix possible desc_ptr out-of-bounds accesses
References		https://git.kernel.org/stable/c/414418abc19fa4ccf730d273061a426c07a061d6 https://git.kernel.org/stable/c/4b8cae410472653a59e15af62c57c49b8e0a1201 https://git.kernel.org/stable/c/584892fd29a41ef424a148118a3103b16b94fb8c https://git.kernel.org/stable/c/72021ae61a2bc6ca73cd593e255a10ed5f5dc5e7 https://git.kernel.org/stable/c/79ec5dd5fb07ecaea2f978c2d7a9f2f3526e4d19 https://git.kernel.org/stable/c/801ab13d50cf3d26170ee073ea8bb4eececb76ab https://git.kernel.org/stable/c/c315560e3ef77c1d822249f1743e647dc9c9912a https://git.kernel.org/stable/c/cffe09ca0555e235a42d6fa065e463c4b3d5b657

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-10-07T15:21:31.018Z

Updated: 2025-10-07T15:21:31.018Z

Reserved: 2025-10-07T15:16:59.663Z

Link: CVE-2023-53675

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-10-07T16:15:51.503

Modified: 2025-10-07T16:15:51.503

Link: CVE-2023-53675

Redhat

Severity : Moderate

Publid Date: 2025-10-07T00:00:00Z

Links: CVE-2023-53675 - Bugzilla

OpenCVE Enrichment

No data.

Metrics

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object