Linux Kernel Vulnerability in vsp1 Driver
CVE-2023-53497

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 1 October 2025

What is CVE-2023-53497?

A vulnerability in the vsp1 driver of the Linux kernel can lead to system crashes. The bug arises from a recent change in how the driver checks for the start of streaming operations. Instead of confirming that streaming has been initiated, the function erroneously believes it has, due to premature updates to the streaming state. This misjudgment results in kernel NULL pointer dereferences, causing the driver to fault and potentially crash the system. Immediate attention to updating the kernel version can prevent such incidents.

Affected Version(s)

Linux a10b215325740376ed551814a37d1f8e9d6b1ced < 960dc0aa4aa149f6f39125394f4feb51b7addc60

Linux a10b215325740376ed551814a37d1f8e9d6b1ced

Linux a10b215325740376ed551814a37d1f8e9d6b1ced < 52d8caca3d533cc499f1255be25576ffd936ec95

References

https://git.kernel.org/stable/c/960dc0aa4aa149f6f39125394...

https://git.kernel.org/stable/c/b54f74214adf4e77cba6badf4...

https://git.kernel.org/stable/c/52d8caca3d533cc499f1255be...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 1, 2025
Vulnerability Reserved
Oct 1, 2025

JSON