Bounds Checking Vulnerability in Linux Kernel Affects Accel/QAIC
CVE-2023-53493
Currently unrated
What is CVE-2023-53493?
A vulnerability in the Linux kernel's accel/qaic module arose from inadequate bounds checking during message decoding. When handling messages, the decoder did not ensure that enough space remained for headers and data, which could lead to negative sizes and memory corruption. The fixes validate message lengths and ensure that header sizes are adequate, with measures to prevent integer overflows. This improves system stability and security against potential exploits.
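The class of check described above, as an added user-space example (not the qaic driver's code or its patch): the record layout and the names rec_hdr, weak_remaining, decode_checked and decode_sample are hypothetical. It contrasts signed size arithmetic that can go negative with a decoder that compares every header and length field against the space actually left.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical wire format, not the qaic layout: records of an
 * 8-byte header followed by `len` payload bytes. */
struct rec_hdr { uint32_t type; uint32_t len; };

/* Weak pattern: signed arithmetic, header size subtracted without a
 * prior check, so a short message yields a negative "remaining" size. */
int weak_remaining(int msg_len, int off)
{
    return msg_len - off - (int)sizeof(struct rec_hdr);
}

/* Hardened decoder: returns the record count, or -1 if malformed. */
int decode_checked(const uint8_t *buf, size_t msg_len)
{
    size_t off = 0;
    int count = 0;

    while (off < msg_len) {
        struct rec_hdr h;

        /* Compare against the space left; `off + sizeof(h)` could wrap. */
        if (msg_len - off < sizeof(h))
            return -1;
        memcpy(&h, buf + off, sizeof(h));
        off += sizeof(h);

        /* The length field is untrusted: it must fit in what remains. */
        if (h.len > msg_len - off)
            return -1;
        off += h.len;
        count++;
    }
    return count;
}

/* Constructed sample: one record claiming `claimed` payload bytes
 * inside a message that is only `msg_len` bytes long (at most 64). */
int decode_sample(uint32_t claimed, size_t msg_len)
{
    uint8_t buf[64] = {0};
    struct rec_hdr h = { 1, claimed };

    memcpy(buf, &h, sizeof(h));
    return decode_checked(buf, msg_len);
}
```

Because `off` never exceeds `msg_len`, the subtraction `msg_len - off` cannot underflow, which is why both checks are written against the remaining space rather than as a sum.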
Affected Version(s)
Linux 129776ac2e38231fa9c02ce20e116c99de291666 < 57d14cb3bae4619ce2fb5235cb318c3d5d8f53fd
Linux 129776ac2e38231fa9c02ce20e116c99de291666 < 51b56382ed2a2b03347372272362b3baa623ed1e
Linux 6.4