CVE-2023-53803
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
09/12/2025
Last modified:
09/12/2025
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
scsi: ses: Fix slab-out-of-bounds in ses_enclosure_data_process()<br />
<br />
A fix for:<br />
<br />
BUG: KASAN: slab-out-of-bounds in ses_enclosure_data_process+0x949/0xe30 [ses]<br />
Read of size 1 at addr ffff88a1b043a451 by task systemd-udevd/3271<br />
<br />
Checking after (and before in next loop) addl_desc_ptr[1] is sufficient, we<br />
expect the size to be sanitized before first access to addl_desc_ptr[1].<br />
Make sure we don&#39;t walk beyond end of page.
Impact
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/0dfe68394cbe1d4fe579fb325ecc813c50528c5a
- https://git.kernel.org/stable/c/2b28a7d261cb309912596d6a2d383ca370483527
- https://git.kernel.org/stable/c/467afb1dd630d8c6d172bd6cacc125199b5f4f2d
- https://git.kernel.org/stable/c/799e8dd2022d2e13f0c5c1906b40ceca07a23349
- https://git.kernel.org/stable/c/9b4f5028e493cb353a5c8f5c45073eeea0303abd
- https://git.kernel.org/stable/c/9e5c7d52085b8c84bc82a261580f0eb170039325
- https://git.kernel.org/stable/c/da1a955c48a16e16e925d6544793914e52a6fa51
- https://git.kernel.org/stable/c/e4dd25da784b2e07dbfbf04509afa4c5a1375227