CVE-2023-53803
In the Linux kernel, the following vulnerability has been resolved:
scsi: ses: Fix slab-out-of-bounds in ses_enclosure_data_process()
A fix for:
BUG: KASAN: slab-out-of-bounds in ses_enclosure_data_process+0x949/0xe30 [ses] Read of size 1 at addr ffff88a1b043a451 by task systemd-udevd/3271
Checking after (and before in next loop) addl_desc_ptr[1] is sufficient, we expect the size to be sanitized before first access to addl_desc_ptr[1]. Make sure we don't walk beyond end of page.
No affected software listed.
- https://git.kernel.org/stable/c/0dfe68394cbe1d4fe579fb325ecc813c50528c5a
- https://git.kernel.org/stable/c/2b28a7d261cb309912596d6a2d383ca370483527
- https://git.kernel.org/stable/c/467afb1dd630d8c6d172bd6cacc125199b5f4f2d
- https://git.kernel.org/stable/c/799e8dd2022d2e13f0c5c1906b40ceca07a23349
- https://git.kernel.org/stable/c/9b4f5028e493cb353a5c8f5c45073eeea0303abd
- https://git.kernel.org/stable/c/9e5c7d52085b8c84bc82a261580f0eb170039325
- https://git.kernel.org/stable/c/da1a955c48a16e16e925d6544793914e52a6fa51
- https://git.kernel.org/stable/c/e4dd25da784b2e07dbfbf04509afa4c5a1375227
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime