{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2023-53729","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-10-22T13:21:37.349Z","datePublished":"2025-10-22T13:23:57.739Z","dateUpdated":"2026-05-11T19:50:43.600Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T19:50:43.600Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: qcom: qmi_encdec: Restrict string length in decode\n\nThe QMI TLV value for strings in a lot of qmi element info structures\naccount for null terminated strings with MAX_LEN + 1. If a string is\nactually MAX_LEN + 1 length, this will cause an out of bounds access\nwhen the NULL character is appended in decoding."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/soc/qcom/qmi_encdec.c"],"versions":[{"version":"9b8a11e82615274d4133aab3cf5aa1c59191f0a2","lessThan":"6b58859e7c4ac357517a59f0801e8ce1b58a8ee2","status":"affected","versionType":"git"},{"version":"9b8a11e82615274d4133aab3cf5aa1c59191f0a2","lessThan":"64c5e916fabe5ef7bef0210b8a59fa8941ee1b8e","status":"affected","versionType":"git"},{"version":"9b8a11e82615274d4133aab3cf5aa1c59191f0a2","lessThan":"2ccab9f82772ead618689d17dbc6950d6bd1e741","status":"affected","versionType":"git"},{"version":"9b8a11e82615274d4133aab3cf5aa1c59191f0a2","lessThan":"b2f39b813d1eed4a522428d1e6acd7dfe9b81579","status":"affected","versionType":"git"},{"version":"9b8a11e82615274d4133aab3cf5aa1c59191f0a2","lessThan":"f6250ecb7fbb934b89539e7e2ba6c1d8555c0975","status":"affected","versionType":"git"},{"version":"9b8a11e82615274d4133aab3cf5aa1c59191f0a2","lessThan":"22ee7c9c7f381be178b4457bc54530002e08e938","status":"affected","versionType":"git"},{"version":"9b8a11e82615274d4133aab3cf5aa1c59191f0a2","lessThan":"8d207400fd6b79c92aeb2f33bb79f62dff904ea2","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/soc/qcom/qmi_encdec.c"],"versions":[{"version":"4.16","status":"affected"},{"version":"0","lessThan":"4.16","status":"unaffected","versionType":"semver"},{"version":"4.19.295","lessThanOrEqual":"4.19.*","status":"unaffected","versionType":"semver"},{"version":"5.4.257","lessThanOrEqual":"5.4.*","status":"unaffected","versionType":"semver"},{"version":"5.10.195","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.132","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.54","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.5.4","lessThanOrEqual":"6.5.*","status":"unaffected","versionType":"semver"},{"version":"6.6","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.16","versionEndExcluding":"4.19.295"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.16","versionEndExcluding":"5.4.257"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.16","versionEndExcluding":"5.10.195"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.16","versionEndExcluding":"5.15.132"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.16","versionEndExcluding":"6.1.54"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.16","versionEndExcluding":"6.5.4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.16","versionEndExcluding":"6.6"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/6b58859e7c4ac357517a59f0801e8ce1b58a8ee2"},{"url":"https://git.kernel.org/stable/c/64c5e916fabe5ef7bef0210b8a59fa8941ee1b8e"},{"url":"https://git.kernel.org/stable/c/2ccab9f82772ead618689d17dbc6950d6bd1e741"},{"url":"https://git.kernel.org/stable/c/b2f39b813d1eed4a522428d1e6acd7dfe9b81579"},{"url":"https://git.kernel.org/stable/c/f6250ecb7fbb934b89539e7e2ba6c1d8555c0975"},{"url":"https://git.kernel.org/stable/c/22ee7c9c7f381be178b4457bc54530002e08e938"},{"url":"https://git.kernel.org/stable/c/8d207400fd6b79c92aeb2f33bb79f62dff904ea2"}],"title":"soc: qcom: qmi_encdec: Restrict string length in decode","x_generator":{"engine":"bippy-1.2.0"}}}}