CVE-2023-53437 - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Handle cameras with invalid descriptors If the source entity does not contain any pads, do not create a link.

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

References

Link	Providers
https://git.kernel.org/stable/c/11196ee3916e50a5da3c1e6ecda19a02dca14ba3
https://git.kernel.org/stable/c/1a76cfc388cf105d3e04ac592670a52a3864b1ba
https://git.kernel.org/stable/c/2914259fcea23971c6fed8b2618d3a729a78c365
https://git.kernel.org/stable/c/31a8d11d28b57656cebfbd4c0b8b76f6ad5b017d
https://git.kernel.org/stable/c/41ddb251c68ac75c101d3a50a68c4629c9055e4c
https://git.kernel.org/stable/c/4e4e6ca62e77539d4df8d13137e2683b10baddd9
https://git.kernel.org/stable/c/c8f4a424af5879baefb0fb8a8a09b09ea1779483
https://git.kernel.org/stable/c/d8aa2e1ae6426d7cbddf1735aed1a63ddf0e6909
https://lore.kernel.org/linux-cve-announce/2025091858-CVE-2023-53437-7993@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2023-53437
https://www.cve.org/CVERecord?id=CVE-2023-53437

History

Fri, 19 Sep 2025 09:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Linux Linux linux Kernel
Vendors & Products		Linux Linux linux Kernel

Fri, 19 Sep 2025 00:15:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2025091858-CVE-2023-53437-7993@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2023-53437 https://www.cve.org/CVERecord?id=CVE-2023-53437
Metrics	threat_severity `None`	cvssV3_1 `{'score': 7.0, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H'}` threat_severity `Moderate`

Thu, 18 Sep 2025 16:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Handle cameras with invalid descriptors If the source entity does not contain any pads, do not create a link.
Title		media: uvcvideo: Handle cameras with invalid descriptors
References		https://git.kernel.org/stable/c/11196ee3916e50a5da3c1e6ecda19a02dca14ba3 https://git.kernel.org/stable/c/1a76cfc388cf105d3e04ac592670a52a3864b1ba https://git.kernel.org/stable/c/2914259fcea23971c6fed8b2618d3a729a78c365 https://git.kernel.org/stable/c/31a8d11d28b57656cebfbd4c0b8b76f6ad5b017d https://git.kernel.org/stable/c/41ddb251c68ac75c101d3a50a68c4629c9055e4c https://git.kernel.org/stable/c/4e4e6ca62e77539d4df8d13137e2683b10baddd9 https://git.kernel.org/stable/c/c8f4a424af5879baefb0fb8a8a09b09ea1779483 https://git.kernel.org/stable/c/d8aa2e1ae6426d7cbddf1735aed1a63ddf0e6909

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-09-18T16:04:15.807Z

Updated: 2025-09-18T16:04:15.807Z

Reserved: 2025-09-17T14:54:09.751Z

Link: CVE-2023-53437

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-09-18T16:15:47.847

Modified: 2025-09-18T16:15:47.847

Link: CVE-2023-53437

Redhat

Severity : Moderate

Publid Date: 2025-09-18T00:00:00Z

Links: CVE-2023-53437 - Bugzilla

Metrics

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object