{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2023-53840","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-12-09T01:27:17.826Z","datePublished":"2025-12-09T01:29:56.848Z","dateUpdated":"2026-05-11T19:52:32.046Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T19:52:32.046Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nusb: early: xhci-dbc: Fix a potential out-of-bound memory access\n\nIf xdbc_bulk_write() fails, the values in 'buf' can be anything. So the\nstring is not guaranteed to be NULL terminated when xdbc_trace() is called.\n\nReserve an extra byte, which will be zeroed automatically because 'buf' is\na static variable, in order to avoid troubles, should it happen."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/usb/early/xhci-dbc.c"],"versions":[{"version":"aeb9dd1de98c1a5f2007ea5d2a154c1244caf8a0","lessThan":"e8fb0f13e45cf361fd06593d3cb2d89915cd3bd0","status":"affected","versionType":"git"},{"version":"aeb9dd1de98c1a5f2007ea5d2a154c1244caf8a0","lessThan":"351c8d8650d1ccc006255fa01f98b6c6496a02e5","status":"affected","versionType":"git"},{"version":"aeb9dd1de98c1a5f2007ea5d2a154c1244caf8a0","lessThan":"df7c8aba7309f4dc55df94e06b67f576c0f52406","status":"affected","versionType":"git"},{"version":"aeb9dd1de98c1a5f2007ea5d2a154c1244caf8a0","lessThan":"a4a97ab3db5c081eb6e7dba91306adefb461e0bd","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/usb/early/xhci-dbc.c"],"versions":[{"version":"4.12","status":"affected"},{"version":"0","lessThan":"4.12","status":"unaffected","versionType":"semver"},{"version":"5.15.99","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.16","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.2.3","lessThanOrEqual":"6.2.*","status":"unaffected","versionType":"semver"},{"version":"6.3","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.12","versionEndExcluding":"5.15.99"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.12","versionEndExcluding":"6.1.16"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.12","versionEndExcluding":"6.2.3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.12","versionEndExcluding":"6.3"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/e8fb0f13e45cf361fd06593d3cb2d89915cd3bd0"},{"url":"https://git.kernel.org/stable/c/351c8d8650d1ccc006255fa01f98b6c6496a02e5"},{"url":"https://git.kernel.org/stable/c/df7c8aba7309f4dc55df94e06b67f576c0f52406"},{"url":"https://git.kernel.org/stable/c/a4a97ab3db5c081eb6e7dba91306adefb461e0bd"}],"title":"usb: early: xhci-dbc: Fix a potential out-of-bound memory access","x_generator":{"engine":"bippy-1.2.0"}}}}