CVE-2023-53139

In the Linux kernel, the following vulnerability has been resolved: nfc: fdp: add null check of devm_kmalloc_array in fdp_nci_i2c_read_device_properties devm_kmalloc_array may fails, *fw_vsc_cfg might be null and cause out-of-bounds write in device_property_read_u8_array later.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/0a3664a1058d4b2b1ea2112cc275ca47fba7fc08	Patch
https://git.kernel.org/stable/c/11f180a5d62a51b484e9648f9b310e1bd50b1a57	Patch
https://git.kernel.org/stable/c/27824b2f98818215adc9661e563252c48dab1a13	Patch
https://git.kernel.org/stable/c/4357bbb921fe9e81d0fd9f70d669d1f177d8380e	Patch
https://git.kernel.org/stable/c/80be62358fa5507cefbaa067c7e6648401f2c3da	Patch
https://git.kernel.org/stable/c/98f49e693e02c1dafd5786be3468657840dd6f06	Patch
https://git.kernel.org/stable/c/ad11b872bc9b5d27e56183c6b01f9218c85395d2	Patch
https://git.kernel.org/stable/c/ce93f1afc05941a572f5a69e2ed4012af905a693	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.3:rc1::::::

History

10 Nov 2025, 17:38

Type	Values Removed	Values Added
References	~~() https://git.kernel.org/stable/c/0a3664a1058d4b2b1ea2112cc275ca47fba7fc08 -~~	() https://git.kernel.org/stable/c/0a3664a1058d4b2b1ea2112cc275ca47fba7fc08 - Patch
References	~~() https://git.kernel.org/stable/c/11f180a5d62a51b484e9648f9b310e1bd50b1a57 -~~	() https://git.kernel.org/stable/c/11f180a5d62a51b484e9648f9b310e1bd50b1a57 - Patch
References	~~() https://git.kernel.org/stable/c/27824b2f98818215adc9661e563252c48dab1a13 -~~	() https://git.kernel.org/stable/c/27824b2f98818215adc9661e563252c48dab1a13 - Patch
References	~~() https://git.kernel.org/stable/c/4357bbb921fe9e81d0fd9f70d669d1f177d8380e -~~	() https://git.kernel.org/stable/c/4357bbb921fe9e81d0fd9f70d669d1f177d8380e - Patch
References	~~() https://git.kernel.org/stable/c/80be62358fa5507cefbaa067c7e6648401f2c3da -~~	() https://git.kernel.org/stable/c/80be62358fa5507cefbaa067c7e6648401f2c3da - Patch
References	~~() https://git.kernel.org/stable/c/98f49e693e02c1dafd5786be3468657840dd6f06 -~~	() https://git.kernel.org/stable/c/98f49e693e02c1dafd5786be3468657840dd6f06 - Patch
References	~~() https://git.kernel.org/stable/c/ad11b872bc9b5d27e56183c6b01f9218c85395d2 -~~	() https://git.kernel.org/stable/c/ad11b872bc9b5d27e56183c6b01f9218c85395d2 - Patch
References	~~() https://git.kernel.org/stable/c/ce93f1afc05941a572f5a69e2ed4012af905a693 -~~	() https://git.kernel.org/stable/c/ce93f1afc05941a572f5a69e2ed4012af905a693 - Patch
First Time		Linux linux Kernel Linux
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
CWE		CWE-476
CPE		cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:6.3:rc1::::::

Information

Published : 2025-05-02 16:15

Updated : 2025-11-10 17:38

NVD link : CVE-2023-53139

Mitre link : CVE-2023-53139

CVE.ORG link : CVE-2023-53139

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-476

NULL Pointer Dereference

5.5 /10