Out-of-Bounds Access Vulnerability in Linux Kernel's SCSI SES Component
CVE-2023-53675

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 7 October 2025

What is CVE-2023-53675?

A vulnerability exists in the Linux kernel related to the SCSI SES (SCSI Enclosure Services) component, where improper sanitization of pointer accesses can lead to out-of-bounds memory access. This flaw, found in the ses_enclosure_data_process() function, poses risks as it may allow attackers to exploit such conditions, potentially leading to memory corruption or system instability. The issue has been addressed by implementing stricter controls to sanitize pointer accesses, ensuring stability and security within the affected systems.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 72021ae61a2bc6ca73cd593e255a10ed5f5dc5e7

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 79ec5dd5fb07ecaea2f978c2d7a9f2f3526e4d19

References

https://git.kernel.org/stable/c/72021ae61a2bc6ca73cd593e2...

https://git.kernel.org/stable/c/cffe09ca0555e235a42d6fa06...

https://git.kernel.org/stable/c/79ec5dd5fb07ecaea2f978c2d...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 7, 2025
Vulnerability Reserved
Oct 7, 2025

JSON