media: uvcvideo: Handle cameras with invalid descriptors
CVE-2023-53437

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
18 September 2025

What is CVE-2023-53437?

In the Linux kernel, the following vulnerability has been resolved:

media: uvcvideo: Handle cameras with invalid descriptors

If the source entity does not contain any pads, do not create a link.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 2914259fcea23971c6fed8b2618d3a729a78c365

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 4e4e6ca62e77539d4df8d13137e2683b10baddd9

References

https://git.kernel.org/stable/c/c8f4a424af5879baefb0fb8a8...
https://git.kernel.org/stable/c/2914259fcea23971c6fed8b26...
https://git.kernel.org/stable/c/4e4e6ca62e77539d4df8d1313...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2023-53437 : Linux Kernel Vulnerability Affecting UVC Video Devices