Off-by-One Vulnerability in Linux Kernel Affecting Multiple Versions
CVE-2023-53397

Currently unrated

Key Information:

Vendor: Linux

CVE Published: 18 September 2025

What is CVE-2023-53397?

An off-by-one error has been identified in the Linux kernel's modpost tool, in the code that checks for executable sections. An incorrect comparison in the boundary check allows an out-of-bounds access to an array. The issue is a potential risk to system integrity and could be exploited under specific conditions. The fix corrects the comparison so that it verifies the array boundary properly.
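The following C program is an added illustration of this class of bug, not the kernel's modpost source. All struct and function names are hypothetical, and the section table is constructed with an extra canary slot so the one-past-the-end read can be observed without real undefined behaviour.

```c
#include <stdbool.h>
#include <stdio.h>

#define SHF_EXECINSTR 0x4u  /* ELF section flag: section holds executable code */

/* Hypothetical, simplified stand-ins for a parsed ELF section table. */
struct sec_hdr { unsigned int flags; };
struct elf_view {
    const struct sec_hdr *sechdrs;  /* valid indices: 0 .. num_sections - 1 */
    unsigned int num_sections;
};
typedef bool (*bounds_fn)(const struct elf_view *, unsigned int);

/* Flawed check: '>' accepts idx == num_sections, one element past the end. */
static bool index_ok_flawed(const struct elf_view *e, unsigned int idx)
{
    return !(idx > e->num_sections);
}

/* Corrected check: '>=' rejects idx == num_sections. */
static bool index_ok_fixed(const struct elf_view *e, unsigned int idx)
{
    return !(idx >= e->num_sections);
}

/* Report whether section idx is executable, using the given bounds check. */
static bool is_exec(const struct elf_view *e, unsigned int idx, bounds_fn ok)
{
    if (!ok(e, idx))
        return false;
    return (e->sechdrs[idx].flags & SHF_EXECINSTR) != 0;
}

/* Constructed data: three real sections, then a canary slot that is NOT
 * part of the table and stands in for whatever memory follows the array. */
static const struct sec_hdr backing[4] = {
    { 0 }, { SHF_EXECINSTR }, { 0 }, { SHF_EXECINSTR } /* canary */
};
static const struct elf_view sample = { backing, 3 };

int main(void)
{
    printf("idx 1 (valid): flawed=%d fixed=%d\n",
           is_exec(&sample, 1, index_ok_flawed), is_exec(&sample, 1, index_ok_fixed));
    printf("idx 3 (== num_sections): flawed=%d fixed=%d\n",
           is_exec(&sample, 3, index_ok_flawed), is_exec(&sample, 3, index_ok_fixed));
    return 0;
}
```

With the flawed comparison, index 3 is answered from the canary slot, so the result depends on memory outside the table; the corrected comparison rejects the index before any read.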

Affected Version(s)

Linux 52dc0595d540155436d91811f929bdc8afd6a2a1 < 7ee557590bac154d324de446d1cd0444988bd511

Linux 52dc0595d540155436d91811f929bdc8afd6a2a1 < 02dc8e8bdbe4412cfcf17ee3873e63fa5a55b957

Linux 52dc0595d540155436d91811f929bdc8afd6a2a1
