{"vulnerability": "CVE-2023-5314", "sightings": [{"uuid": "9ccb062c-e8cf-43cc-bc68-af3f448b72e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-53149", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "c10b2d3b-300c-4df4-9969-7518be833241", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-53145", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lotadi53sxa2", "content": "", "creation_timestamp": "2025-05-10T15:17:11.275157Z"}, {"uuid": "015e21c5-db7a-4c5a-999d-87b14693145a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-53145", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lotljxm7ew2n", "content": "", "creation_timestamp": "2025-05-10T18:37:27.098270Z"}, {"uuid": "617255c7-5400-414f-9897-1f95ddf7a744", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-53143", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lo7c2l66c4k2", "content": "", "creation_timestamp": "2025-05-02T17:34:18.371721Z"}, {"uuid": "6e693ca7-bf3f-4b39-b3e1-1312259b5a9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-53142", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lo7c2m34cn72", "content": "", "creation_timestamp": "2025-05-02T17:34:18.874710Z"}, {"uuid": "9f59029f-21ca-44c8-8003-287643e5fbda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-53141", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lo7c2mv5kd32", "content": "", "creation_timestamp": "2025-05-02T17:34:19.403793Z"}, {"uuid": "ed2d6645-7f67-4d9b-b3a7-4db44a8182b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-53140", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lo7c2ou46u72", "content": "", "creation_timestamp": "2025-05-02T17:34:22.176096Z"}, {"uuid": "0d1b561d-dc6d-4348-9880-cf327bd597e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-53144", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lo7c2pqnsat2", "content": "", "creation_timestamp": "2025-05-02T17:34:23.267590Z"}, {"uuid": "06165b3f-9b9b-4981-9525-0e9218611096", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-53141", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lo7mr4dh5p2t", "content": "", "creation_timestamp": "2025-05-02T20:06:06.685716Z"}, {"uuid": "2467db26-488a-4347-95d5-9990d1780898", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-53144", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lo7mr4qhxv2e", "content": "", "creation_timestamp": "2025-05-02T20:06:08.999572Z"}, {"uuid": "88f8064c-55b9-4127-a22f-b37205b8d181", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-53142", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lo7mr564q62j", "content": "", "creation_timestamp": "2025-05-02T20:06:11.703292Z"}, {"uuid": "04ab7ef7-190d-4118-8845-988358dce937", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-53143", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lo7mr5epbb2p", "content": "", "creation_timestamp": "2025-05-02T20:06:12.881431Z"}, {"uuid": "50857bf8-0ad7-47f0-a505-6f3129005033", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-53140", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lo7mr5vfz52o", "content": "", "creation_timestamp": "2025-05-02T20:06:15.962697Z"}, {"uuid": "1bad1431-fada-4b43-a35a-86d33a107fb3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-53146", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/16307", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-53146\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: dw2102: Fix null-ptr-deref in dw2102_i2c_transfer()\n\nIn dw2102_i2c_transfer, msg is controlled by user. When msg[i].buf\nis null and msg[i].len is zero, former checks on msg[i].buf would be\npassed. Malicious data finally reach dw2102_i2c_transfer. If accessing\nmsg[i].buf[0] without sanity check, null ptr deref would happen.\nWe add check on msg[i].len to prevent crash.\n\nSimilar commit:\ncommit 950e252cb469\n(\"[media] dw2102: limit messages to buffer size\")\n\ud83d\udccf Published: 2025-05-14T12:43:59.117Z\n\ud83d\udccf Modified: 2025-05-14T12:43:59.117Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/77cbd42d29de9ffc93d5529bab8813cde53af14c\n2. https://git.kernel.org/stable/c/ecbe6d011b95c7da59f014f8d26cb7245ed1e11e\n3. https://git.kernel.org/stable/c/beb9550494e7349f92b9eaa283256a5ad9b1c9be\n4. https://git.kernel.org/stable/c/97fdbdb750342cbc204befde976872fedb406ee6\n5. https://git.kernel.org/stable/c/903566208ae6bb9c0e7e54355ce75bf6cf72485d\n6. https://git.kernel.org/stable/c/08dfcbd03b2b7f918c4f87c6ff637054e510df74\n7. https://git.kernel.org/stable/c/fb28afab113a82b89ffec48c8155ec05b4f8cb5e\n8. https://git.kernel.org/stable/c/5ae544d94abc8ff77b1b9bf8774def3fa5689b5b", "creation_timestamp": "2025-05-14T13:32:34.000000Z"}, {"uuid": "7436770f-b95f-42f4-beb8-94ce89484f17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-53144", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14508", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-53144\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nerofs: fix wrong kunmap when using LZMA on HIGHMEM platforms\n\nAs the call trace shown, the root cause is kunmap incorrect pages:\n\n BUG: kernel NULL pointer dereference, address: 00000000\n CPU: 1 PID: 40 Comm: kworker/u5:0 Not tainted 6.2.0-rc5 #4\n Workqueue: erofs_worker z_erofs_decompressqueue_work\n EIP: z_erofs_lzma_decompress+0x34b/0x8ac\n z_erofs_decompress+0x12/0x14\n z_erofs_decompress_queue+0x7e7/0xb1c\n z_erofs_decompressqueue_work+0x32/0x60\n process_one_work+0x24b/0x4d8\n ? process_one_work+0x1a4/0x4d8\n worker_thread+0x14c/0x3fc\n kthread+0xe6/0x10c\n ? rescuer_thread+0x358/0x358\n ? kthread_complete_and_exit+0x18/0x18\n ret_from_fork+0x1c/0x28\n ---[ end trace 0000000000000000 ]---\n\nThe bug is trivial and should be fixed now. It has no impact on\n!HIGHMEM platforms.\n\ud83d\udccf Published: 2025-05-02T15:56:14.417Z\n\ud83d\udccf Modified: 2025-05-02T15:56:14.417Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/fa4056781ac067b5946c6811459e1a36842047fd\n2. https://git.kernel.org/stable/c/28aea8ae6cf212a5bf3ed962b27921e2029ad754\n3. https://git.kernel.org/stable/c/8f121dfb15f7b4ab345992ce96003eb63fd608f4", "creation_timestamp": "2025-05-02T16:16:03.000000Z"}, {"uuid": "2250d64f-bfc9-4218-b1ba-0a173400538a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-53140", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14510", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-53140\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: core: Remove the /proc/scsi/${proc_name} directory earlier\n\nRemove the /proc/scsi/${proc_name} directory earlier to fix a race\ncondition between unloading and reloading kernel modules. This fixes a bug\nintroduced in 2009 by commit 77c019768f06 (\"[SCSI] fix /proc memory leak in\nthe SCSI core\").\n\nFix the following kernel warning:\n\nproc_dir_entry 'scsi/scsi_debug' already registered\nWARNING: CPU: 19 PID: 27986 at fs/proc/generic.c:376 proc_register+0x27d/0x2e0\nCall Trace:\n proc_mkdir+0xb5/0xe0\n scsi_proc_hostdir_add+0xb5/0x170\n scsi_host_alloc+0x683/0x6c0\n sdebug_driver_probe+0x6b/0x2d0 [scsi_debug]\n really_probe+0x159/0x540\n __driver_probe_device+0xdc/0x230\n driver_probe_device+0x4f/0x120\n __device_attach_driver+0xef/0x180\n bus_for_each_drv+0xe5/0x130\n __device_attach+0x127/0x290\n device_initial_probe+0x17/0x20\n bus_probe_device+0x110/0x130\n device_add+0x673/0xc80\n device_register+0x1e/0x30\n sdebug_add_host_helper+0x1a7/0x3b0 [scsi_debug]\n scsi_debug_init+0x64f/0x1000 [scsi_debug]\n do_one_initcall+0xd7/0x470\n do_init_module+0xe7/0x330\n load_module+0x122a/0x12c0\n __do_sys_finit_module+0x124/0x1a0\n __x64_sys_finit_module+0x46/0x50\n do_syscall_64+0x38/0x80\n entry_SYSCALL_64_after_hwframe+0x46/0xb0\n\ud83d\udccf Published: 2025-05-02T15:56:11.666Z\n\ud83d\udccf Modified: 2025-05-02T15:56:11.666Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/13daafe1e209b03e9bda16ff2bd2b2da145a139b\n2. https://git.kernel.org/stable/c/891a3cba425cf483d96facca55aebd6ff1da4338\n3. https://git.kernel.org/stable/c/6b223e32d66ca9db1f252f433514783d8b22a8e1\n4. https://git.kernel.org/stable/c/e471e928de97b00f297ad1015cc14f9459765713\n5. https://git.kernel.org/stable/c/17e98a5ede81b7696bec421f7afa2dfe467f5e6b\n6. https://git.kernel.org/stable/c/1ec363599f8346d5a8d08c71a0d9860d6c420ec0\n7. https://git.kernel.org/stable/c/fc663711b94468f4e1427ebe289c9f05669699c9", "creation_timestamp": "2025-05-02T16:16:06.000000Z"}, {"uuid": "0e53b9d2-0522-4009-9196-16b757ad922a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-53142", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14509", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-53142\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nice: copy last block omitted in ice_get_module_eeprom()\n\nice_get_module_eeprom() is broken since commit e9c9692c8a81 (\"ice:\nReimplement module reads used by ethtool\") In this refactor,\nice_get_module_eeprom() reads the eeprom in blocks of size 8.\nBut the condition that should protect the buffer overflow\nignores the last block. The last block always contains zeros.\n\nBug uncovered by ethtool upstream commit 9538f384b535\n(\"netlink: eeprom: Defer page requests to individual parsers\")\nAfter this commit, ethtool reads a block with length = 1;\nto read the SFF-8024 identifier value.\n\nunpatched driver:\n$ ethtool -m enp65s0f0np0 offset 0x90 length 8\nOffset Values\n------ ------\n0x0090: 00 00 00 00 00 00 00 00\n$ ethtool -m enp65s0f0np0 offset 0x90 length 12\nOffset Values\n------ ------\n0x0090: 00 00 01 a0 4d 65 6c 6c 00 00 00 00\n$\n\n$ ethtool -m enp65s0f0np0\nOffset Values\n------ ------\n0x0000: 11 06 06 00 00 00 00 00 00 00 00 00 00 00 00 00\n0x0010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n0x0020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n0x0030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n0x0040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n0x0050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n0x0060: 00 00 00 00 00 00 00 00 00 00 00 00 00 01 08 00\n0x0070: 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n\npatched driver:\n$ ethtool -m enp65s0f0np0 offset 0x90 length 8\nOffset Values\n------ ------\n0x0090: 00 00 01 a0 4d 65 6c 6c\n$ ethtool -m enp65s0f0np0 offset 0x90 length 12\nOffset Values\n------ ------\n0x0090: 00 00 01 a0 4d 65 6c 6c 61 6e 6f 78\n$ ethtool -m enp65s0f0np0\n Identifier : 0x11 (QSFP28)\n Extended identifier : 0x00\n Extended identifier description : 1.5W max. Power consumption\n Extended identifier description : No CDR in TX, No CDR in RX\n Extended identifier description : High Power Class (> 3.5 W) not enabled\n Connector : 0x23 (No separable connector)\n Transceiver codes : 0x88 0x00 0x00 0x00 0x00 0x00 0x00 0x00\n Transceiver type : 40G Ethernet: 40G Base-CR4\n Transceiver type : 25G Ethernet: 25G Base-CR CA-N\n Encoding : 0x05 (64B/66B)\n BR, Nominal : 25500Mbps\n Rate identifier : 0x00\n Length (SMF,km) : 0km\n Length (OM3 50um) : 0m\n Length (OM2 50um) : 0m\n Length (OM1 62.5um) : 0m\n Length (Copper or Active cable) : 1m\n Transmitter technology : 0xa0 (Copper cable unequalized)\n Attenuation at 2.5GHz : 4db\n Attenuation at 5.0GHz : 5db\n Attenuation at 7.0GHz : 7db\n Attenuation at 12.9GHz : 10db\n ........\n ....\n\ud83d\udccf Published: 2025-05-02T15:56:12.949Z\n\ud83d\udccf Modified: 2025-05-02T15:56:12.949Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/c813f7a3161481483ae2077651b21bc217c419e0\n2. https://git.kernel.org/stable/c/90b40ab29298db3a4879c1d3c4e685184386bce6\n3. https://git.kernel.org/stable/c/8cfbdda65588e75bfbd93e5ee847efcb4796ad09\n4. https://git.kernel.org/stable/c/84cba1840e68430325ac133a11be06bfb2f7acd8", "creation_timestamp": "2025-05-02T16:16:04.000000Z"}, {"uuid": "f37fe30b-1925-407d-819f-2c07858dac01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2023-53149", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "34204a42-858e-4fcd-bba7-b02257584774", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-53145", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15898", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-53145\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition\n\nIn btsdio_probe, the data->work is bound with btsdio_work. It will be\nstarted in btsdio_send_frame.\n\nIf the btsdio_remove runs with a unfinished work, there may be a race\ncondition that hdev is freed but used in btsdio_work. Fix it by\ncanceling the work before do cleanup in btsdio_remove.\n\ud83d\udccf Published: 2025-05-10T14:19:14.932Z\n\ud83d\udccf Modified: 2025-05-10T14:19:14.932Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/6c3653627397a0d6eab19b20a59423e118985a6b\n2. https://git.kernel.org/stable/c/3efcbf25e5ab4d4ad1b7e6ba0869ff85540e3f6e\n3. https://git.kernel.org/stable/c/a6650d27ab2c12a8ee750f396edb5ac8b4558b2e\n4. https://git.kernel.org/stable/c/746b363bef41cc159c051c47f9e30800bc6b520d\n5. https://git.kernel.org/stable/c/a5c2a467e9e789ae0891de55b766daac52e3b7b3\n6. https://git.kernel.org/stable/c/179c65828593aff1f444e15debd40a477cb23cf4\n7. https://git.kernel.org/stable/c/73f7b171b7c09139eb3c6a5677c200dc1be5f318", "creation_timestamp": "2025-05-10T15:26:23.000000Z"}, {"uuid": "06f4235a-2321-4fda-9dc0-23816c491d3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-53144", "type": "seen", "source": "https://t.me/cvedetector/24349", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2023-53144 - Linux Kernel erofs LZMA HIGHMEM NULL Pointer Dereference Vulnerability\", \n \"Content\": \"CVE ID : CVE-2023-53144 \nPublished : May 2, 2025, 4:15 p.m. | 1\u00a0hour, 4\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nerofs: fix wrong kunmap when using LZMA on HIGHMEM platforms \n \nAs the call trace shown, the root cause is kunmap incorrect pages: \n \n BUG: kernel NULL pointer dereference, address: 00000000 \n CPU: 1 PID: 40 Comm: kworker/u5:0 Not tainted 6.2.0-rc5 #4 \n Workqueue: erofs_worker z_erofs_decompressqueue_work \n EIP: z_erofs_lzma_decompress+0x34b/0x8ac \n z_erofs_decompress+0x12/0x14 \n z_erofs_decompress_queue+0x7e7/0xb1c \n z_erofs_decompressqueue_work+0x32/0x60 \n process_one_work+0x24b/0x4d8 \n ? process_one_work+0x1a4/0x4d8 \n worker_thread+0x14c/0x3fc \n kthread+0xe6/0x10c \n ? rescuer_thread+0x358/0x358 \n ? kthread_complete_and_exit+0x18/0x18 \n ret_from_fork+0x1c/0x28 \n ---[ end trace 0000000000000000 ]--- \n \nThe bug is trivial and should be fixed now. It has no impact on \n!HIGHMEM platforms. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"02 May 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-02T20:07:32.000000Z"}, {"uuid": "ab6dba8c-907b-48a7-a2b4-7fb811032097", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-53141", "type": "seen", "source": "https://t.me/cvedetector/24350", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2023-53141 - Intel Ila Netlink Vulnerability\", \n \"Content\": \"CVE ID : CVE-2023-53141 \nPublished : May 2, 2025, 4:15 p.m. | 1\u00a0hour, 4\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nila: do not generate empty messages in ila_xlat_nl_cmd_get_mapping() \n \nila_xlat_nl_cmd_get_mapping() generates an empty skb, \ntriggerring a recent sanity check [1]. \n \nInstead, return an error code, so that user space \ncan get it. \n \n[1] \nskb_assert_len \nWARNING: CPU: 0 PID: 5923 at include/linux/skbuff.h:2527 skb_assert_len include/linux/skbuff.h:2527 [inline] \nWARNING: CPU: 0 PID: 5923 at include/linux/skbuff.h:2527 __dev_queue_xmit+0x1bc0/0x3488 net/core/dev.c:4156 \nModules linked in: \nCPU: 0 PID: 5923 Comm: syz-executor269 Not tainted 6.2.0-syzkaller-18300-g2ebd1fbb946d #0 \nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 \npstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) \npc : skb_assert_len include/linux/skbuff.h:2527 [inline] \npc : __dev_queue_xmit+0x1bc0/0x3488 net/core/dev.c:4156 \nlr : skb_assert_len include/linux/skbuff.h:2527 [inline] \nlr : __dev_queue_xmit+0x1bc0/0x3488 net/core/dev.c:4156 \nsp : ffff80001e0d6c40 \nx29: ffff80001e0d6e60 x28: dfff800000000000 x27: ffff0000c86328c0 \nx26: dfff800000000000 x25: ffff0000c8632990 x24: ffff0000c8632a00 \nx23: 0000000000000000 x22: 1fffe000190c6542 x21: ffff0000c8632a10 \nx20: ffff0000c8632a00 x19: ffff80001856e000 x18: ffff80001e0d5fc0 \nx17: 0000000000000000 x16: ffff80001235d16c x15: 0000000000000000 \nx14: 0000000000000000 x13: 0000000000000001 x12: 0000000000000001 \nx11: ff80800008353a30 x10: 0000000000000000 x9 : 21567eaf25bfb600 \nx8 : 21567eaf25bfb600 x7 : 0000000000000001 x6 : 0000000000000001 \nx5 : ffff80001e0d6558 x4 : ffff800015c74760 x3 : ffff800008596744 \nx2 : 0000000000000001 x1 : 0000000100000000 x0 : 000000000000000e \nCall trace: \nskb_assert_len include/linux/skbuff.h:2527 [inline] \n__dev_queue_xmit+0x1bc0/0x3488 net/core/dev.c:4156 \ndev_queue_xmit include/linux/netdevice.h:3033 [inline] \n__netlink_deliver_tap_skb net/netlink/af_netlink.c:307 [inline] \n__netlink_deliver_tap+0x45c/0x6f8 net/netlink/af_netlink.c:325 \nnetlink_deliver_tap+0xf4/0x174 net/netlink/af_netlink.c:338 \n__netlink_sendskb net/netlink/af_netlink.c:1283 [inline] \nnetlink_sendskb+0x6c/0x154 net/netlink/af_netlink.c:1292 \nnetlink_unicast+0x334/0x8d4 net/netlink/af_netlink.c:1380 \nnlmsg_unicast include/net/netlink.h:1099 [inline] \ngenlmsg_unicast include/net/genetlink.h:433 [inline] \ngenlmsg_reply include/net/genetlink.h:443 [inline] \nila_xlat_nl_cmd_get_mapping+0x620/0x7d0 net/ipv6/ila/ila_xlat.c:493 \ngenl_family_rcv_msg_doit net/netlink/genetlink.c:968 [inline] \ngenl_family_rcv_msg net/netlink/genetlink.c:1048 [inline] \ngenl_rcv_msg+0x938/0xc1c net/netlink/genetlink.c:1065 \nnetlink_rcv_skb+0x214/0x3c4 net/netlink/af_netlink.c:2574 \ngenl_rcv+0x38/0x50 net/netlink/genetlink.c:1076 \nnetlink_unicast_kernel net/netlink/af_netlink.c:1339 [inline] \nnetlink_unicast+0x660/0x8d4 net/netlink/af_netlink.c:1365 \nnetlink_sendmsg+0x800/0xae0 net/netlink/af_netlink.c:1942 \nsock_sendmsg_nosec net/socket.c:714 [inline] \nsock_sendmsg net/socket.c:734 [inline] \n____sys_sendmsg+0x558/0x844 net/socket.c:2479 \n___sys_sendmsg net/socket.c:2533 [inline] \n__sys_sendmsg+0x26c/0x33c net/socket.c:2562 \n__do_sys_sendmsg net/socket.c:2571 [inline] \n__se_sys_sendmsg net/socket.c:2569 [inline] \n__arm64_sys_sendmsg+0x80/0x94 net/socket.c:2569 \n__invoke_syscall arch/arm64/kernel/syscall.c:38 [inline] \ninvoke_syscall+0x98/0x2c0 arch/arm64/kernel/syscall.c:52 \nel0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:142 \ndo_el0_svc+0x64/0x198 arch/arm64/kernel/syscall.c:193 \nel0_svc+0x58/0x168 arch/arm64/kernel/entry-common.c:637 \nel0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655 \nel0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:591 \nirq event stamp: 136484 \nhardirqs [...]", "creation_timestamp": "2025-05-02T20:07:33.000000Z"}, {"uuid": "3aa0f7bd-a709-4c28-9e09-92bbcca437dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-53142", "type": "seen", "source": "https://t.me/cvedetector/24352", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2023-53142 - \"Ice: Buffer Overflow in ice_get_module_eeprom()\"\", \n \"Content\": \"CVE ID : CVE-2023-53142 \nPublished : May 2, 2025, 4:15 p.m. | 1\u00a0hour, 4\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nice: copy last block omitted in ice_get_module_eeprom() \n \nice_get_module_eeprom() is broken since commit e9c9692c8a81 (\"ice: \nReimplement module reads used by ethtool\") In this refactor, \nice_get_module_eeprom() reads the eeprom in blocks of size 8. \nBut the condition that should protect the buffer overflow \nignores the last block. The last block always contains zeros. \n \nBug uncovered by ethtool upstream commit 9538f384b535 \n(\"netlink: eeprom: Defer page requests to individual parsers\") \nAfter this commit, ethtool reads a block with length = 1; \nto read the SFF-8024 identifier value. \n \nunpatched driver: \n$ ethtool -m enp65s0f0np0 offset 0x90 length 8 \nOffset Values \n------ ------ \n0x0090: 00 00 00 00 00 00 00 00 \n$ ethtool -m enp65s0f0np0 offset 0x90 length 12 \nOffset Values \n------ ------ \n0x0090: 00 00 01 a0 4d 65 6c 6c 00 00 00 00 \n$ \n \n$ ethtool -m enp65s0f0np0 \nOffset Values \n------ ------ \n0x0000: 11 06 06 00 00 00 00 00 00 00 00 00 00 00 00 00 \n0x0010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 \n0x0020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 \n0x0030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 \n0x0040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 \n0x0050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 \n0x0060: 00 00 00 00 00 00 00 00 00 00 00 00 00 01 08 00 \n0x0070: 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 \n \npatched driver: \n$ ethtool -m enp65s0f0np0 offset 0x90 length 8 \nOffset Values \n------ ------ \n0x0090: 00 00 01 a0 4d 65 6c 6c \n$ ethtool -m enp65s0f0np0 offset 0x90 length 12 \nOffset Values \n------ ------ \n0x0090: 00 00 01 a0 4d 65 6c 6c 61 6e 6f 78 \n$ ethtool -m enp65s0f0np0 \n Identifier : 0x11 (QSFP28) \n Extended identifier : 0x00 \n Extended identifier description : 1.5W max. Power consumption \n Extended identifier description : No CDR in TX, No CDR in RX \n Extended identifier description : High Power Class (> 3.5 W) not enabled \n Connector : 0x23 (No separable connector) \n Transceiver codes : 0x88 0x00 0x00 0x00 0x00 0x00 0x00 0x00 \n Transceiver type : 40G Ethernet: 40G Base-CR4 \n Transceiver type : 25G Ethernet: 25G Base-CR CA-N \n Encoding : 0x05 (64B/66B) \n BR, Nominal : 25500Mbps \n Rate identifier : 0x00 \n Length (SMF,km) : 0km \n Length (OM3 50um) : 0m \n Length (OM2 50um) : 0m \n Length (OM1 62.5um) : 0m \n Length (Copper or Active cable) : 1m \n Transmitter technology : 0xa0 (Copper cable unequalized) \n Attenuation at 2.5GHz : 4db \n Attenuation at 5.0GHz : 5db \n Attenuation at 7.0GHz : 7db \n Attenuation at 12.9GHz : 10db \n ........ \n .... \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"02 May 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-02T20:07:35.000000Z"}, {"uuid": "cbeab3db-0d97-4414-8081-9eb8fa39b098", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-53143", "type": "published-proof-of-concept", "source": "https://t.me/cvedetector/24353", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2023-53143 - \"Ext4 Linux Kernel Off-by-One Error in fsmap Handling\"\", \n \"Content\": \"CVE ID : CVE-2023-53143 \nPublished : May 2, 2025, 4:15 p.m. | 1\u00a0hour, 4\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \next4: fix another off-by-one fsmap error on 1k block filesystems \n \nApparently syzbot figured out that issuing this FSMAP call: \n \nstruct fsmap_head cmd = { \n .fmh_count = ...; \n .fmh_keys = { \n { .fmr_device = /* ext4 dev */, .fmr_physical = 0, }, \n { .fmr_device = /* ext4 dev */, .fmr_physical = 0, }, \n }, \n... \n}; \nret = ioctl(fd, FS_IOC_GETFSMAP, &cmd); \n \nProduces this crash if the underlying filesystem is a 1k-block ext4 \nfilesystem: \n \nkernel BUG at fs/ext4/ext4.h:3331! \ninvalid opcode: 0000 [#1] PREEMPT SMP \nCPU: 3 PID: 3227965 Comm: xfs_io Tainted: G W O 6.2.0-rc8-achx \nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1 04/01/2014 \nRIP: 0010:ext4_mb_load_buddy_gfp+0x47c/0x570 [ext4] \nRSP: 0018:ffffc90007c03998 EFLAGS: 00010246 \nRAX: ffff888004978000 RBX: ffffc90007c03a20 RCX: ffff888041618000 \nRDX: 0000000000000000 RSI: 00000000000005a4 RDI: ffffffffa0c99b11 \nRBP: ffff888012330000 R08: ffffffffa0c2b7d0 R09: 0000000000000400 \nR10: ffffc90007c03950 R11: 0000000000000000 R12: 0000000000000001 \nR13: 00000000ffffffff R14: 0000000000000c40 R15: ffff88802678c398 \nFS: 00007fdf2020c880(0000) GS:ffff88807e100000(0000) knlGS:0000000000000000 \nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 \nCR2: 00007ffd318a5fe8 CR3: 000000007f80f001 CR4: 00000000001706e0 \nCall Trace: \n \n ext4_mballoc_query_range+0x4b/0x210 [ext4 dfa189daddffe8fecd3cdfd00564e0f265a8ab80] \n ext4_getfsmap_datadev+0x713/0x890 [ext4 dfa189daddffe8fecd3cdfd00564e0f265a8ab80] \n ext4_getfsmap+0x2b7/0x330 [ext4 dfa189daddffe8fecd3cdfd00564e0f265a8ab80] \n ext4_ioc_getfsmap+0x153/0x2b0 [ext4 dfa189daddffe8fecd3cdfd00564e0f265a8ab80] \n __ext4_ioctl+0x2a7/0x17e0 [ext4 dfa189daddffe8fecd3cdfd00564e0f265a8ab80] \n __x64_sys_ioctl+0x82/0xa0 \n do_syscall_64+0x2b/0x80 \n entry_SYSCALL_64_after_hwframe+0x46/0xb0 \nRIP: 0033:0x7fdf20558aff \nRSP: 002b:00007ffd318a9e30 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 \nRAX: ffffffffffffffda RBX: 00000000000200c0 RCX: 00007fdf20558aff \nRDX: 00007fdf1feb2010 RSI: 00000000c0c0583b RDI: 0000000000000003 \nRBP: 00005625c0634be0 R08: 00005625c0634c40 R09: 0000000000000001 \nR10: 0000000000000000 R11: 0000000000000246 R12: 00007fdf1feb2010 \nR13: 00005625be70d994 R14: 0000000000000800 R15: 0000000000000000 \n \nFor GETFSMAP calls, the caller selects a physical block device by \nwriting its block number into fsmap_head.fmh_keys[01].fmr_device. \nTo query mappings for a subrange of the device, the starting byte of the \nrange is written to fsmap_head.fmh_keys[0].fmr_physical and the last \nbyte of the range goes in fsmap_head.fmh_keys[1].fmr_physical. \n \nIOWs, to query what mappings overlap with bytes 3-14 of /dev/sda, you'd \nset the inputs as follows: \n \n fmh_keys[0] = { .fmr_device = major(8, 0), .fmr_physical = 3}, \n fmh_keys[1] = { .fmr_device = major(8, 0), .fmr_physical = 14}, \n \nWhich would return you whatever is mapped in the 12 bytes starting at \nphysical offset 3. \n \nThe crash is due to insufficient range validation of keys[1] in \next4_getfsmap_datadev. On 1k-block filesystems, block 0 is not part of \nthe filesystem, which means that s_first_data_block is nonzero. \next4_get_group_no_and_offset subtracts this quantity from the blocknr \nargument before cracking it into a group number and a block number \nwithin a group. IOWs, block group 0 spans blocks 1-8192 (1-based) \ninstead of 0-8191 (0-based) like what happens with larger blocksizes. \n \nThe net result of this encoding is that blocknr < s_first_data_block is \nnot a valid input to this function. The end_fsb variable is set from \nthe keys that are copied from userspace, which means that in the above \nexample, its value is zero. That leads [...]", "creation_timestamp": "2025-05-02T20:07:39.000000Z"}, {"uuid": "71f53ecc-0b97-46ab-8199-a70eddee22b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-53140", "type": "seen", "source": "https://t.me/cvedetector/24362", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2023-53140 - \"Linux Kernel SCSI Core /proc/scsi Directory Removal Vulnerability\"\", \n \"Content\": \"CVE ID : CVE-2023-53140 \nPublished : May 2, 2025, 4:15 p.m. | 1\u00a0hour, 4\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nscsi: core: Remove the /proc/scsi/${proc_name} directory earlier \n \nRemove the /proc/scsi/${proc_name} directory earlier to fix a race \ncondition between unloading and reloading kernel modules. This fixes a bug \nintroduced in 2009 by commit 77c019768f06 (\"[SCSI] fix /proc memory leak in \nthe SCSI core\"). \n \nFix the following kernel warning: \n \nproc_dir_entry 'scsi/scsi_debug' already registered \nWARNING: CPU: 19 PID: 27986 at fs/proc/generic.c:376 proc_register+0x27d/0x2e0 \nCall Trace: \n proc_mkdir+0xb5/0xe0 \n scsi_proc_hostdir_add+0xb5/0x170 \n scsi_host_alloc+0x683/0x6c0 \n sdebug_driver_probe+0x6b/0x2d0 [scsi_debug] \n really_probe+0x159/0x540 \n __driver_probe_device+0xdc/0x230 \n driver_probe_device+0x4f/0x120 \n __device_attach_driver+0xef/0x180 \n bus_for_each_drv+0xe5/0x130 \n __device_attach+0x127/0x290 \n device_initial_probe+0x17/0x20 \n bus_probe_device+0x110/0x130 \n device_add+0x673/0xc80 \n device_register+0x1e/0x30 \n sdebug_add_host_helper+0x1a7/0x3b0 [scsi_debug] \n scsi_debug_init+0x64f/0x1000 [scsi_debug] \n do_one_initcall+0xd7/0x470 \n do_init_module+0xe7/0x330 \n load_module+0x122a/0x12c0 \n __do_sys_finit_module+0x124/0x1a0 \n __x64_sys_finit_module+0x46/0x50 \n do_syscall_64+0x38/0x80 \n entry_SYSCALL_64_after_hwframe+0x46/0xb0 \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"02 May 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-02T20:07:49.000000Z"}, {"uuid": "3037f5a2-7d59-447f-8439-462541452861", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-53145", "type": "seen", "source": "https://t.me/cvedetector/25017", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2023-53145 - Qualcomm Bluetooth BTSdio Use After Free Buffer Overflow\", \n \"Content\": \"CVE ID : CVE-2023-53145 \nPublished : May 10, 2025, 3:15 p.m. | 1\u00a0hour, 33\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nBluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition \n \nIn btsdio_probe, the data->work is bound with btsdio_work. It will be \nstarted in btsdio_send_frame. \n \nIf the btsdio_remove runs with a unfinished work, there may be a race \ncondition that hdev is freed but used in btsdio_work. Fix it by \ncanceling the work before do cleanup in btsdio_remove. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"10 May 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-10T18:57:47.000000Z"}]}