{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2023-53548","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-10-04T15:14:15.921Z","datePublished":"2025-10-04T15:16:55.612Z","dateUpdated":"2026-05-11T19:47:06.180Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T19:47:06.180Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usbnet: Fix WARNING in usbnet_start_xmit/usb_submit_urb\n\nThe syzbot fuzzer identified a problem in the usbnet driver:\n\nusb 1-1: BOGUS urb xfer, pipe 3 != type 1\nWARNING: CPU: 0 PID: 754 at drivers/usb/core/urb.c:504 usb_submit_urb+0xed6/0x1880 drivers/usb/core/urb.c:504\nModules linked in:\nCPU: 0 PID: 754 Comm: kworker/0:2 Not tainted 6.4.0-rc7-syzkaller-00014-g692b7dc87ca6 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023\nWorkqueue: mld mld_ifc_work\nRIP: 0010:usb_submit_urb+0xed6/0x1880 drivers/usb/core/urb.c:504\nCode: 7c 24 18 e8 2c b4 5b fb 48 8b 7c 24 18 e8 42 07 f0 fe 41 89 d8 44 89 e1 4c 89 ea 48 89 c6 48 c7 c7 a0 c9 fc 8a e8 5a 6f 23 fb <0f> 0b e9 58 f8 ff ff e8 fe b3 5b fb 48 81 c5 c0 05 00 00 e9 84 f7\nRSP: 0018:ffffc9000463f568 EFLAGS: 00010086\nRAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000000000\nRDX: ffff88801eb28000 RSI: ffffffff814c03b7 RDI: 0000000000000001\nRBP: ffff8881443b7190 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000003\nR13: ffff88802a77cb18 R14: 0000000000000003 R15: ffff888018262500\nFS:  0000000000000000(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000\nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000556a99c15a18 CR3: 0000000028c71000 CR4: 0000000000350ef0\nCall Trace:\n <TASK>\n usbnet_start_xmit+0xfe5/0x2190 drivers/net/usb/usbnet.c:1453\n __netdev_start_xmit include/linux/netdevice.h:4918 [inline]\n netdev_start_xmit include/linux/netdevice.h:4932 [inline]\n xmit_one net/core/dev.c:3578 [inline]\n dev_hard_start_xmit+0x187/0x700 net/core/dev.c:3594\n...\n\nThis bug is caused by the fact that usbnet trusts the bulk endpoint\naddresses its probe routine receives in the driver_info structure, and\nit does not check to see that these endpoints actually exist and have\nthe expected type and directions.\n\nThe fix is simply to add such a check."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/net/usb/usbnet.c"],"versions":[{"version":"2e55cc7210fef90f88201e860d8767594974574e","lessThan":"a0715d04cf687a7e21f0d6ac8c1d479294a3f6f8","status":"affected","versionType":"git"},{"version":"2e55cc7210fef90f88201e860d8767594974574e","lessThan":"53c250ea57cf03af41339234b9855ae284f9db91","status":"affected","versionType":"git"},{"version":"2e55cc7210fef90f88201e860d8767594974574e","lessThan":"a05ac5d00eb7fcb2fda806caa4f56e88df6bc6bb","status":"affected","versionType":"git"},{"version":"2e55cc7210fef90f88201e860d8767594974574e","lessThan":"ec0d0be41721aca683c5606354a58ee2c687e3f8","status":"affected","versionType":"git"},{"version":"2e55cc7210fef90f88201e860d8767594974574e","lessThan":"27d0f755d649d388fcd12f01436c9a33289e14e3","status":"affected","versionType":"git"},{"version":"2e55cc7210fef90f88201e860d8767594974574e","lessThan":"1bebbd9b8037a9cc75984317cb495dec4824c399","status":"affected","versionType":"git"},{"version":"2e55cc7210fef90f88201e860d8767594974574e","lessThan":"0dd3e0c31bf3e933fb85faf1443833aef90b8e46","status":"affected","versionType":"git"},{"version":"2e55cc7210fef90f88201e860d8767594974574e","lessThan":"5e1627cb43ddf1b24b92eb26f8d958a3f5676ccb","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/net/usb/usbnet.c"],"versions":[{"version":"2.6.14","status":"affected"},{"version":"0","lessThan":"2.6.14","status":"unaffected","versionType":"semver"},{"version":"4.14.322","lessThanOrEqual":"4.14.*","status":"unaffected","versionType":"semver"},{"version":"4.19.291","lessThanOrEqual":"4.19.*","status":"unaffected","versionType":"semver"},{"version":"5.4.253","lessThanOrEqual":"5.4.*","status":"unaffected","versionType":"semver"},{"version":"5.10.190","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.126","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.45","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.4.10","lessThanOrEqual":"6.4.*","status":"unaffected","versionType":"semver"},{"version":"6.5","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.14","versionEndExcluding":"4.14.322"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.14","versionEndExcluding":"4.19.291"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.14","versionEndExcluding":"5.4.253"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.14","versionEndExcluding":"5.10.190"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.14","versionEndExcluding":"5.15.126"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.14","versionEndExcluding":"6.1.45"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.14","versionEndExcluding":"6.4.10"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.14","versionEndExcluding":"6.5"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/a0715d04cf687a7e21f0d6ac8c1d479294a3f6f8"},{"url":"https://git.kernel.org/stable/c/53c250ea57cf03af41339234b9855ae284f9db91"},{"url":"https://git.kernel.org/stable/c/a05ac5d00eb7fcb2fda806caa4f56e88df6bc6bb"},{"url":"https://git.kernel.org/stable/c/ec0d0be41721aca683c5606354a58ee2c687e3f8"},{"url":"https://git.kernel.org/stable/c/27d0f755d649d388fcd12f01436c9a33289e14e3"},{"url":"https://git.kernel.org/stable/c/1bebbd9b8037a9cc75984317cb495dec4824c399"},{"url":"https://git.kernel.org/stable/c/0dd3e0c31bf3e933fb85faf1443833aef90b8e46"},{"url":"https://git.kernel.org/stable/c/5e1627cb43ddf1b24b92eb26f8d958a3f5676ccb"}],"title":"net: usbnet: Fix WARNING in usbnet_start_xmit/usb_submit_urb","x_generator":{"engine":"bippy-1.2.0"}}}}