Kernel Panic Vulnerability in Intel's ISH Firmware in Linux Kernel
CVE-2023-53392

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
18 September 2025

What is CVE-2023-53392?

A vulnerability has been identified in the Linux kernel affecting the Intel ISH (Intelligent System Hardware) firmware. This issue arises during a warm reset when the device's firmware client is set to NULL. If a bus driver registers after this NULL setting but before new firmware clients are enumerated by the ISHTP (Intelligent System Host Transport Protocol), it can lead to a kernel panic. Specifically, the function 'ishtp_cl_bus_match()' attempts to reference a NULL pointer when trying to access 'device->fw_client->props.protocol_name'. This vulnerability highlights the critical interactions between the ISH firmware and device drivers within the kernel.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 44e2a58cb8803e3e40eaf5708c4d15b4118913c4 < 6c8cc40c588f8080a164d88336b1490279e0f1da

Linux 44e2a58cb8803e3e40eaf5708c4d15b4118913c4 < 45b9055a3a3ff6e8c08faad82ea36a8644a81587

Linux 44e2a58cb8803e3e40eaf5708c4d15b4118913c4 < 38518593ec55e897abda4b4be77b2ec8ec4447d1

References

https://git.kernel.org/stable/c/6c8cc40c588f8080a164d8833...
https://git.kernel.org/stable/c/45b9055a3a3ff6e8c08faad82...
https://git.kernel.org/stable/c/38518593ec55e897abda4b4be...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.