vulnerability
Red Hat: CVE-2023-53465: kernel: soundwire: qcom: fix storing port config out-of-bounds (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:M/Au:S/C:C/I:C/A:C) | Oct 1, 2025 | Nov 14, 2025 | Jan 21, 2026 |
Severity
7
CVSS
(AV:L/AC:M/Au:S/C:C/I:C/A:C)
Published
Oct 1, 2025
Added
Nov 14, 2025
Modified
Jan 21, 2026
Description
In the Linux kernel, the following vulnerability has been resolved:
soundwire: qcom: fix storing port config out-of-bounds
The 'qcom_swrm_ctrl->pconfig' has size of QCOM_SDW_MAX_PORTS (14),
however we index it starting from 1, not 0, to match real port numbers.
This can lead to writing port config past 'pconfig' bounds and
overwriting next member of 'qcom_swrm_ctrl' struct. Reported also by
smatch:
drivers/soundwire/qcom.c:1269 qcom_swrm_get_port_config() error: buffer overflow 'ctrl->pconfig' 14 <= 14
Solutions
redhat-upgrade-kernelredhat-upgrade-kernel-rt
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.