CVE-2023-53658

{"id": "CVE-2023-53658", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2025-10-07T16:15:49.443", "references": [{"url": "https://git.kernel.org/stable/c/217b6ea8cf7b819477bca597a6ae2d43d38ba283", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/22ae32d80ef590d12a2364e4621f90f7c58445c7", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/32b9c8f7892c19f7f5c9fed5fb410b9fd5990bb6", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/398e6a015877d44327f754aeb48ff3354945c78c", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/7c1f23ad34fcdace50275a6aa1e1969b41c6233f", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/a91c34357afcfaa5307e254f22a8452550a07b34", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/d20db3c58a7f9361e370a7850ceb60dbdf62eea3", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/d3dcdb43c872a3b967345144151a2c9bb9124c9b", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-476"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: bcm-qspi: return error if neither hif_mspi nor mspi is available\n\nIf neither a \"hif_mspi\" nor \"mspi\" resource is present, the driver will\njust early exit in probe but still return success. Apart from not doing\nanything meaningful, this would then also lead to a null pointer access\non removal, as platform_get_drvdata() would return NULL, which it would\nthen try to dereference when trying to unregister the spi master.\n\nFix this by unconditionally calling devm_ioremap_resource(), as it can\nhandle a NULL res and will then return a viable ERR_PTR() if we get one.\n\nThe \"return 0;\" was previously a \"goto qspi_resource_err;\" where then\nret was returned, but since ret was still initialized to 0 at this place\nthis was a valid conversion in 63c5395bb7a9 (\"spi: bcm-qspi: Fix\nuse-after-free on unbind\"). The issue was not introduced by this commit,\nonly made more obvious."}], "lastModified": "2026-02-03T19:51:14.577", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A54AA59F-7E5E-40C7-AF0D-300A9397F462", "versionEndExcluding": "4.14.322", "versionStartIncluding": "4.9"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D2D2CA9F-4CC4-4AF5-8C6D-E58415AB782E", "versionEndExcluding": "4.19.291", "versionStartIncluding": "4.15"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7FA663C4-CA72-4B5A-8592-7354D978F58E", "versionEndExcluding": "5.4.251", "versionStartIncluding": "4.20"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "43CAE50A-4A6C-488E-813C-F8DB77C13C8B", "versionEndExcluding": "5.10.188", "versionStartIncluding": "5.5"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EC77775B-EC31-4966-966C-1286C02B2A85", "versionEndExcluding": "5.15.121", "versionStartIncluding": "5.11"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9BD1D4A1-304D-4187-8178-6D7C0050B1AF", "versionEndExcluding": "6.1.39", "versionStartIncluding": "5.16"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A91BC267-63EE-413E-A6EF-6B96C2A278D1", "versionEndExcluding": "6.4.4", "versionStartIncluding": "6.2"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}