Buffer Overflow Vulnerability in Linux Kernel Affects Broadcom Wireless Devices
CVE-2023-53582

Key Information:

Vendor: Linux
Status: Vendor
CVE Published: 4 October 2025

What is CVE-2023-53582?

The Linux kernel has resolved a vulnerability in the brcmfmac driver that can lead to a stack-out-of-bounds read. The problem occurs when a stack buffer populated with a CLM version string is passed to the strreplace() function during device preinitialization without first being null-terminated. Because strreplace() scans until it finds a terminator, a buffer that lacks one lets the scan continue past the end of the allocated buffer, which could potentially allow reads beyond its bounds. The issue was identified with a modified syzkaller, underscoring the importance of validating and terminating device-supplied data in kernel modules before it is handed to string routines.
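To make the defect class concrete, the following is an added C example written for this page; it is not the brcmfmac driver code nor the kernel's fix. It reimplements a user-space stand-in for strreplace() (here `replace_chars`), a constructed stand-in for the firmware query that fills a fixed-size buffer with a CLM version string (`fake_clm_version_query`, with a constructed 20-byte reply), and then contrasts the defective pattern (the whole buffer is filled, so no terminator is guaranteed) with the hardened pattern (the last byte is reserved and the terminator is written unconditionally before the string routine runs). The buffer size of 16 and the `has_terminator` precondition check are assumptions chosen for the illustration.

```c
#include <stdio.h>
#include <string.h>

/* Stand-in for the kernel's strreplace(): rewrites every 'old_c' byte as
 * 'new_c' in place and stops only at a NUL terminator. Reimplemented here
 * for the example; it is not the kernel's code. */
static char *replace_chars(char *s, char old_c, char new_c)
{
    for (; *s != '\0'; s++)
        if (*s == old_c)
            *s = new_c;
    return s;
}

/* Constructed stand-in for a firmware query that fills a caller-supplied
 * buffer with a CLM version string. Like a raw device reply, it copies up
 * to 'len' bytes and adds no terminator of its own. */
static size_t fake_clm_version_query(char *buf, size_t len)
{
    static const char reply[] = "1.2.3\nfoo\nbarbazquux"; /* 20 bytes, NUL not copied */
    size_t n = strlen(reply) < len ? strlen(reply) : len;
    memcpy(buf, reply, n);
    return n;
}

/* Precondition a reviewer would want checked before any NUL-delimited string
 * routine touches the buffer: is there a terminator inside its bounds? */
int has_terminator(const char *buf, size_t len)
{
    return memchr(buf, '\0', len) != NULL;
}

/* Defective pattern: the whole buffer is handed to the query, so a reply of
 * at least 'len' bytes leaves no terminator, and a later replace_chars()
 * would scan past the end. Returns the precondition result instead of
 * calling the string routine, so the failure is observable without
 * actually performing the out-of-bounds read. */
int clm_version_unterminated(char *buf, size_t len)
{
    memset(buf, 'X', len);   /* poison so stale zeros cannot mask the bug */
    fake_clm_version_query(buf, len);
    return has_terminator(buf, len);  /* 0: no terminator within bounds */
}

/* Hardened pattern: reserve the final byte for the terminator, write it
 * unconditionally after the query, then run the in-place replacement. */
int clm_version_sanitized(char *out, size_t outlen)
{
    char clmver[16];         /* constructed fixed-size stack buffer */
    size_t n = fake_clm_version_query(clmver, sizeof(clmver) - 1);
    clmver[n] = '\0';        /* n <= sizeof(clmver) - 1, so always in bounds */
    if (!has_terminator(clmver, sizeof(clmver)))
        return -1;           /* cannot trigger here; kept as a defensive check */
    replace_chars(clmver, '\n', ' ');   /* now stops at the terminator */
    snprintf(out, outlen, "%s", clmver);
    return 0;
}

int main(void)
{
    char raw[16], out[32];
    printf("unterminated buffer has terminator: %d\n",
           clm_version_unterminated(raw, sizeof raw));
    clm_version_sanitized(out, sizeof out);
    printf("sanitized version: \"%s\"\n", out);
    return 0;
}
```

The design point is that the terminator must be written by the caller, after the device reply and before any routine that relies on it; checking for a terminator with memchr() over the buffer's declared size is a cheap assertion to place at that boundary.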

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 3b173b4ad9c001a555f44adc7836d6fe3afbe9ec

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 423a1297ea72bbddf64dbb0957f2879c0f2aa5d0

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 0ca2efea4f11c6255061e852ac188264c469c197

Timeline

  • Vulnerability published

  • Vulnerability Reserved
