CVE-2023-53437
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved:
media: uvcvideo: Handle cameras with invalid descriptors
If the source entity does not contain any pads, do not create a link.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 6d30cf81ee3c0368175f76c03120af5d81e0c639 < c8f4a424af5879baefb0fb8a8a09b09ea1779483 | affected |
| Linux | Linux | b4759a52b8940dbbfc565c918a3893ecaeb5b134 < 2914259fcea23971c6fed8b2618d3a729a78c365 | affected |
| Linux | Linux | aa1362606059ade437a901fe7c33b24901683c14 < 4e4e6ca62e77539d4df8d13137e2683b10baddd9 | affected |
| Linux | Linux | cc52ed14f5ca849ef81e6a6bc4beea6dc43514d0 < d8aa2e1ae6426d7cbddf1735aed1a63ddf0e6909 | affected |
| Linux | Linux | 7532dad6634031d083df7af606fac655b8d08b5c < 31a8d11d28b57656cebfbd4c0b8b76f6ad5b017d | affected |
| Linux | Linux | 7532dad6634031d083df7af606fac655b8d08b5c < 11196ee3916e50a5da3c1e6ecda19a02dca14ba3 | affected |
| Linux | Linux | 7532dad6634031d083df7af606fac655b8d08b5c < 1a76cfc388cf105d3e04ac592670a52a3864b1ba | affected |
| Linux | Linux | 7532dad6634031d083df7af606fac655b8d08b5c < 41ddb251c68ac75c101d3a50a68c4629c9055e4c | affected |
| Linux | Linux | 9bf5da0d0fcca080b2254a30fa4b8ed47a96a0d0 | affected |
| Linux | Linux | d920b0940a0b2c0671e5a69ed3b3fe3a3a50b970 | affected |
| Linux | Linux | b950d6d8f4d7c78c9e5d08b61a66387c0b61f924 | affected |
| Linux | Linux | 4.14.224 < 4.14.308 | affected |
| Linux | Linux | 4.19.179 < 4.19.276 | affected |
| Linux | Linux | 5.4.103 < 5.4.235 | affected |
| Linux | Linux | 5.10.21 < 5.10.173 | affected |
| Linux | Linux | 4.4.260 < 4.5 | affected |
| Linux | Linux | 4.9.260 < 4.10 | affected |
| Linux | Linux | 5.11.4 < 5.12 | affected |
| Linux | Linux | 5.12 | affected |
| Linux | Linux | 0 < 5.12 | unaffected |
| Linux | Linux | 4.14.308 <= 4.14.* | unaffected |
| Linux | Linux | 4.19.276 <= 4.19.* | unaffected |
| Linux | Linux | 5.4.235 <= 5.4.* | unaffected |
| Linux | Linux | 5.10.173 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.100 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.18 <= 6.1.* | unaffected |
| Linux | Linux | 6.2.5 <= 6.2.* | unaffected |
| Linux | Linux | 6.3 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://git.kernel.org/stable/c/c8f4a424af5879baefb0fb8a8a09b09ea1779483
- https://git.kernel.org/stable/c/2914259fcea23971c6fed8b2618d3a729a78c365
- https://git.kernel.org/stable/c/4e4e6ca62e77539d4df8d13137e2683b10baddd9
- https://git.kernel.org/stable/c/d8aa2e1ae6426d7cbddf1735aed1a63ddf0e6909
- https://git.kernel.org/stable/c/31a8d11d28b57656cebfbd4c0b8b76f6ad5b017d
- https://git.kernel.org/stable/c/11196ee3916e50a5da3c1e6ecda19a02dca14ba3
- https://git.kernel.org/stable/c/1a76cfc388cf105d3e04ac592670a52a3864b1ba
- https://git.kernel.org/stable/c/41ddb251c68ac75c101d3a50a68c4629c9055e4c
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.