Alpaquita LinuxStreamSecurity Advisory
Search Cve

CVE-2023-53185

Published: September 16, 2025Last modified: September 16, 2025

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: don't allow to overwrite ENDPOINT0 attributes A bad USB device is able to construct a service connection response message with target endpoint being ENDPOINT0 which is reserved for HTC_CTRL_RSVD_SVC and should not be modified to be used for any other services. Reject such service connection responses. Found by Linux Verification Center (linuxtesting.org) with Syzkaller.

Status

ProductReleasePackageStatus
Alpaquita Linux23 LTSlinux-ltsFixed (6.1.42-r0)
25 LTSlinux-ltsNot affected (6.6.89-r0)
Streamlinux-ltsFixed (6.6.58-r0)

References

ON THIS PAGE