Buffer Overflow in Linux Kernel Affecting UBI Driver
CVE-2023-53265

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 16 September 2025

What is CVE-2023-53265?

A vulnerability in the Linux Kernel's UBI driver has been identified that allows an out-of-bounds access due to improper handling of VID header offsets. This can lead to a buffer overflow, potentially allowing unauthorized memory access or corruption. The issue arises when the combination of VID header offset and size exceeds the allocated buffer, triggering a KASAN report indicating a slab-out-of-bounds error. Users must ensure that their kernel versions are updated to mitigate this risk.

Affected Version(s)

Linux 801c135ce73d5df1caf3eca35b66a10824ae0707 < 61e04db3bec87f7dd10074296deb7d083e2ccade

Linux 801c135ce73d5df1caf3eca35b66a10824ae0707 < 771e207a839a29ba943e89f473b0fecd16089e2e

Linux 801c135ce73d5df1caf3eca35b66a10824ae0707

References

https://git.kernel.org/stable/c/61e04db3bec87f7dd10074296...

https://git.kernel.org/stable/c/771e207a839a29ba943e89f47...

https://git.kernel.org/stable/c/f7adb740f97b6fa84e658892d...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 16, 2025
Vulnerability Reserved
Sep 16, 2025