CVE-2023-53185
Published: Sep 15, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: don't allow to overwrite ENDPOINT0 attributes A bad USB device is able to construct a service connection response message with target endpoint being ENDPOINT0 which is reserved for HTC_CTRL_RSVD_SVC and should not be modified to be used for any other services. Reject such service connection responses. Found by Linux Verification Center (linuxtesting.org) with Syzkaller.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected fb9987d0f748c983bb795a86f47522313f701a08 - < db8df00cd6d801b3abdb145201c2bdd1c665f585affected fb9987d0f748c983bb795a86f47522313f701a08 - < 9e3031eea2d45918dc44cbfc6a6029e82882916faffected fb9987d0f748c983bb795a86f47522313f701a08 - < 4dc3560561a08842b4a4c07ccc5a90e5067dbb5baffected fb9987d0f748c983bb795a86f47522313f701a08 - < 1044187e7249073f719ebbf9e5ffb4f16f99e555affected fb9987d0f748c983bb795a86f47522313f701a08 - < 95b4b940f0fb2873dcedad81699e869eb7581c85+4 more versions |
Linux | Linux | affected 2.6.35unaffected 0 - < 2.6.35unaffected 4.14.322 - <= 4.14.*unaffected 4.19.291 - <= 4.19.*unaffected 5.4.251 - <= 5.4.*+6 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now