CVE-2023-53309 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Fix integer overflow in radeon_cs_parser_init The type of size is unsigned, if size is 0x40000000, there will be an integer overflow, size will be zero after size *= sizeof(uint32_t), will cause uninitialized memory to be referenced later

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/25e634d7f44eb13113139040e5366bebe48c882f
https://git.kernel.org/stable/c/2e1be420b86980c25a75325e90dfc3fc73126f61
https://git.kernel.org/stable/c/b8fab6aebdf2115ec2d7bd2f3498d5b911ff351e
https://git.kernel.org/stable/c/c0d7dbc6b7a61a56028118c00af2c8319d44a682
https://git.kernel.org/stable/c/cfa9148bafb2d3292b65de1bac79dcca65be2643
https://git.kernel.org/stable/c/d05ba46134d07e889de7d23cf8503574a22ede09
https://git.kernel.org/stable/c/e6825b30d37fe89ceb87f926d33d4fad321a331e
https://git.kernel.org/stable/c/f828b681d0cd566f86351c0b913e6cb6ed8c7b9c
https://lore.kernel.org/linux-cve-announce/2025091642-CVE-2023-53309-005a@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2023-53309
https://www.cve.org/CVERecord?id=CVE-2023-53309

History

Wed, 17 Sep 2025 00:15:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2025091642-CVE-2023-53309-005a@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2023-53309 https://www.cve.org/CVERecord?id=CVE-2023-53309
Metrics	threat_severity `None`	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}` threat_severity `Low`

Tue, 16 Sep 2025 16:30:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Fix integer overflow in radeon_cs_parser_init The type of size is unsigned, if size is 0x40000000, there will be an integer overflow, size will be zero after size *= sizeof(uint32_t), will cause uninitialized memory to be referenced later
Title		drm/radeon: Fix integer overflow in radeon_cs_parser_init
References		https://git.kernel.org/stable/c/25e634d7f44eb13113139040e5366bebe48c882f https://git.kernel.org/stable/c/2e1be420b86980c25a75325e90dfc3fc73126f61 https://git.kernel.org/stable/c/b8fab6aebdf2115ec2d7bd2f3498d5b911ff351e https://git.kernel.org/stable/c/c0d7dbc6b7a61a56028118c00af2c8319d44a682 https://git.kernel.org/stable/c/cfa9148bafb2d3292b65de1bac79dcca65be2643 https://git.kernel.org/stable/c/d05ba46134d07e889de7d23cf8503574a22ede09 https://git.kernel.org/stable/c/e6825b30d37fe89ceb87f926d33d4fad321a331e https://git.kernel.org/stable/c/f828b681d0cd566f86351c0b913e6cb6ed8c7b9c

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-09-16T16:11:47.700Z

Updated: 2025-09-16T16:11:47.700Z

Reserved: 2025-09-16T16:08:59.562Z

Link: CVE-2023-53309

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-09-16T17:15:36.720

Modified: 2025-09-16T17:15:36.720

Link: CVE-2023-53309

Redhat

Severity : Low

Publid Date: 2025-09-16T00:00:00Z

Links: CVE-2023-53309 - Bugzilla

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object