Buffer Handling Vulnerability in Linux Kernel's CAN BCM Component
CVE-2023-53344

Currently unrated

Key Information:

Vendor: Linux

Status: Vendor

CVE Published: 17 September 2025

What is CVE-2023-53344?

A vulnerability in the Linux kernel's CAN BCM component stems from improper handling of memory during buffer operations. When the `memcpy_from_msg` function encounters an error during copying, the code that follows still compares the buffer contents, which means it compares uninitialized memory. This can cause unpredictable behavior in the kernel, posing a risk to system stability and security. The vulnerability has been addressed by a patch that adds error handling directly after the memory copy operation, so that uninitialized memory is no longer used.
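A user-space model of the bug class described above, added here as an illustration and not taken from the kernel source or the fix. `struct frame`, `copy_from_msg`, `setup_unchecked`, `setup_checked`, `run_failed_copy` and the stale fill byte are all constructed for the example; the stale byte stands in for uninitialized memory so the outcome is reproducible.

```c
#include <errno.h>
#include <string.h>

#define MAX_DLEN 8 /* constructed payload limit for this model */

/* Constructed stand-in for a CAN frame; not the kernel's struct. */
struct frame { unsigned int id; unsigned char len; unsigned char data[MAX_DLEN]; };

/* Hypothetical stand-in for a fallible copy such as memcpy_from_msg():
 * a NULL source models an unreadable buffer; in this model dst is untouched. */
static int copy_from_msg(void *dst, const void *src, size_t n)
{
    if (src == NULL)
        return -EFAULT;
    memcpy(dst, src, n);
    return 0;
}

/* Before: the length check runs even when the copy failed, so it reads
 * whatever bytes were already in *slot and can overwrite the real error. */
static int setup_unchecked(struct frame *slot, const struct frame *msg)
{
    int err = copy_from_msg(slot, msg, sizeof(*slot));
    if (slot->len > MAX_DLEN)
        err = -EINVAL;
    return err;
}

/* After: bail out on a failed copy before any field of *slot is read. */
static int setup_checked(struct frame *slot, const struct frame *msg)
{
    int err = copy_from_msg(slot, msg, sizeof(*slot));
    if (err < 0)
        return err;
    return slot->len > MAX_DLEN ? -EINVAL : 0;
}

/* Run one variant with a failing copy into a slot pre-filled with a
 * constructed stale byte that stands in for uninitialized memory. */
static int run_failed_copy(int checked, unsigned char stale)
{
    struct frame slot;
    memset(&slot, stale, sizeof(slot));
    return checked ? setup_checked(&slot, NULL) : setup_unchecked(&slot, NULL);
}

int main(void)
{
    return run_failed_copy(1, 0xAA) == -EFAULT ? 0 : 1;
}
```

In the unchecked variant the returned error changes with the stale byte, which is the kind of data-dependent behavior that tools such as KMSAN flag; the checked variant returns the copy error regardless of what the slot held.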

Affected Version(s)

Linux 6f3b911d5f29b98752e5da86a295210c0c4f4e14 < 3fa0f1e0e31b1b73cdf59d4c36c7242e6ef821be

Linux 6f3b911d5f29b98752e5da86a295210c0c4f4e14 < 618b15d09fed6126356101543451d49860db4388

Linux 6f3b911d5f29b98752e5da86a295210c0c4f4e14 < 78bc7f0ab99458221224d3ab97199c0f8e6861f1

Timeline

  • Vulnerability published

  • Vulnerability Reserved
