CVE-2023-53803
CVE-2023-53803 is a security vulnerability that is still awaiting full analysis and scoring. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low.
Key facts
- EPSS exploit prediction: 0% (7th percentile)
- Actively exploited: Not listed in CISA KEV
- EU (EUVD) id: EUVD-2023-60103
- Published:
- Last modified:
Description
In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Fix slab-out-of-bounds in ses_enclosure_data_process() A fix for: BUG: KASAN: slab-out-of-bounds in ses_enclosure_data_process+0x949/0xe30 [ses] Read of size 1 at addr ffff88a1b043a451 by task systemd-udevd/3271 Checking after (and before in next loop) addl_desc_ptr[1] is sufficient, we expect the size to be sanitized before first access to addl_desc_ptr[1]. Make sure we don't walk beyond end of page.
Frequently asked questions
- What is CVE-2023-53803?
- In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Fix slab-out-of-bounds in ses_enclosure_data_process() A fix for: BUG: KASAN: slab-out-of-bounds in ses_enclosure_data_process+0x949/0xe30 [ses] Read of size 1 at addr ffff88a1b043a451 by task systemd-udevd/3271 Checking after (and before in next loop) addl_desc_ptr[1] is sufficient, we expect the size to be sanitized before first access to addl_desc_ptr[1]. Make sure we don't walk beyond end of page.
- Is CVE-2023-53803 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 0% (7th percentile), an estimate of the probability of exploitation in the next 30 days.
- How do I fix CVE-2023-53803?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
- Does CVE-2023-53803 have an EU (EUVD) identifier?
- Yes. CVE-2023-53803 is tracked in the ENISA EU Vulnerability Database (EUVD) as EUVD-2023-60103.
- When was CVE-2023-53803 published?
- CVE-2023-53803 was published on 2025-12-09 and last updated on 2026-06-17.
References
- https://git.kernel.org/stable/c/0dfe68394cbe1d4fe579fb325ecc813c50528c5a
- https://git.kernel.org/stable/c/2b28a7d261cb309912596d6a2d383ca370483527
- https://git.kernel.org/stable/c/467afb1dd630d8c6d172bd6cacc125199b5f4f2d
- https://git.kernel.org/stable/c/799e8dd2022d2e13f0c5c1906b40ceca07a23349
- https://git.kernel.org/stable/c/9b4f5028e493cb353a5c8f5c45073eeea0303abd
- https://git.kernel.org/stable/c/9e5c7d52085b8c84bc82a261580f0eb170039325
- https://git.kernel.org/stable/c/da1a955c48a16e16e925d6544793914e52a6fa51
- https://git.kernel.org/stable/c/e4dd25da784b2e07dbfbf04509afa4c5a1375227