{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2023-53380","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-09-17T14:54:09.736Z","datePublished":"2025-09-18T13:33:25.383Z","dateUpdated":"2026-05-11T19:43:49.796Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T19:43:49.796Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid10: fix null-ptr-deref of mreplace in raid10_sync_request\n\nThere are two check of 'mreplace' in raid10_sync_request(). In the first\ncheck, 'need_replace' will be set and 'mreplace' will be used later if\nno-Faulty 'mreplace' exists, In the second check, 'mreplace' will be\nset to NULL if it is Faulty, but 'need_replace' will not be changed\naccordingly. null-ptr-deref occurs if Faulty is set between two check.\n\nFix it by merging two checks into one. And replace 'need_replace' with\n'mreplace' because their values are always the same."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/md/raid10.c"],"versions":[{"version":"ee37d7314a32ab6809eacc3389bad0406c69a81f","lessThan":"45fa023b3334a7ae6f6c4eb977295804222dfa28","status":"affected","versionType":"git"},{"version":"ee37d7314a32ab6809eacc3389bad0406c69a81f","lessThan":"2990e2ece18dd4cca71b3109c80517ad94adb065","status":"affected","versionType":"git"},{"version":"ee37d7314a32ab6809eacc3389bad0406c69a81f","lessThan":"f4368a462b1f9a8ecc2fdb09a28c3d4cad302a4f","status":"affected","versionType":"git"},{"version":"ee37d7314a32ab6809eacc3389bad0406c69a81f","lessThan":"222cc459d59857ee28a5366dc225ab42b22f9272","status":"affected","versionType":"git"},{"version":"ee37d7314a32ab6809eacc3389bad0406c69a81f","lessThan":"b5015b97adda6a24dd3e713c63e521ecbeff25c6","status":"affected","versionType":"git"},{"version":"ee37d7314a32ab6809eacc3389bad0406c69a81f","lessThan":"144c7fd008e0072b0b565f1157eec618de54ca8a","status":"affected","versionType":"git"},{"version":"ee37d7314a32ab6809eacc3389bad0406c69a81f","lessThan":"34817a2441747b48e444cb0e05d84e14bc9443da","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/md/raid10.c"],"versions":[{"version":"4.20","status":"affected"},{"version":"0","lessThan":"4.20","status":"unaffected","versionType":"semver"},{"version":"5.4.251","lessThanOrEqual":"5.4.*","status":"unaffected","versionType":"semver"},{"version":"5.10.188","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.121","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.39","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.3.13","lessThanOrEqual":"6.3.*","status":"unaffected","versionType":"semver"},{"version":"6.4.4","lessThanOrEqual":"6.4.*","status":"unaffected","versionType":"semver"},{"version":"6.5","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.20","versionEndExcluding":"5.4.251"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.20","versionEndExcluding":"5.10.188"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.20","versionEndExcluding":"5.15.121"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.20","versionEndExcluding":"6.1.39"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.20","versionEndExcluding":"6.3.13"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.20","versionEndExcluding":"6.4.4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.20","versionEndExcluding":"6.5"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/45fa023b3334a7ae6f6c4eb977295804222dfa28"},{"url":"https://git.kernel.org/stable/c/2990e2ece18dd4cca71b3109c80517ad94adb065"},{"url":"https://git.kernel.org/stable/c/f4368a462b1f9a8ecc2fdb09a28c3d4cad302a4f"},{"url":"https://git.kernel.org/stable/c/222cc459d59857ee28a5366dc225ab42b22f9272"},{"url":"https://git.kernel.org/stable/c/b5015b97adda6a24dd3e713c63e521ecbeff25c6"},{"url":"https://git.kernel.org/stable/c/144c7fd008e0072b0b565f1157eec618de54ca8a"},{"url":"https://git.kernel.org/stable/c/34817a2441747b48e444cb0e05d84e14bc9443da"}],"title":"md/raid10: fix null-ptr-deref of mreplace in raid10_sync_request","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":5.5,"attackVector":"LOCAL","baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","integrityImpact":"NONE","userInteraction":"NONE","attackComplexity":"LOW","availabilityImpact":"HIGH","privilegesRequired":"LOW","confidentialityImpact":"NONE"}},{"other":{"type":"ssvc","content":{"id":"CVE-2023-53380","role":"CISA Coordinator","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"version":"2.0.3","timestamp":"2026-01-14T18:56:06.480784Z"}}}],"problemTypes":[{"descriptions":[{"lang":"en","type":"CWE","cweId":"CWE-476","description":"CWE-476 NULL Pointer Dereference"}]}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-01-14T19:03:04.150Z"}}]}}