CVE-2023-53059

🗓️ 02 May 2025 15:55:13Reported by LinuxType

cve🔗 web.nvd.nist.gov👁 101 Views🌐 WEB

Vulnerability CVE-2023-53059 in Linux kernel fixed kernel data leak via ioctl with zeroed memory.

Reporter	Title	Published	Views	Family All 189
ATTACKERKB	CVE-2023-53059	2 May 202516:15	–	attackerkb
AstraLinux	Astra Linux - уязвимость в linux-5.10, linux, linux-5.15	20 May 202605:53	–	astralinux
BDU FSTEC	The vulnerability of the driver/platform/chrome/cros_ec_chardev.c module in the Linux operating system allows a hacker to disclose protected information.	27 May 202500:00	–	bdu_fstec
CNNVD	Linux kernel 安全漏洞	2 May 202500:00	–	cnnvd
Cvelist	CVE-2023-53059 platform/chrome: cros_ec_chardev: fix kernel data leak from ioctl	2 May 202515:55	–	cvelist
Debian CVE	CVE-2023-53059	2 May 202515:55	–	debiancve
EUVD	EUVD-2025-13203	3 Oct 202520:07	–	euvd
NVD	CVE-2023-53059	2 May 202516:15	–	nvd
OpenVAS	SUSE: Security Advisory (SUSE-SU-2025:02173-1)	2 Jul 202500:00	–	openvas
OpenVAS	SUSE: Security Advisory (SUSE-SU-2025:02262-1)	11 Jul 202500:00	–	openvas

NVD

Vulners

CNA

Node

linux linux_kernelRange5.4–5.4.240

linux linux_kernelRange5.5–5.10.177

linux linux_kernelRange5.11–5.15.105

linux linux_kernelRange5.16–6.1.22

linux linux_kernelRange6.2–6.2.9

linux linux_kernelMatch6.3rc1

linux linux_kernelMatch6.3rc2

linux linux_kernelMatch6.3rc3

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/platform/chrome/cros_ec_chardev.c"
    ],
    "versions": [
      {
        "version": "eda2e30c6684d67288edb841c6125d48c608a242",
        "lessThan": "13493ad6a220cb3f6f3552a16b4f2753a118b633",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "eda2e30c6684d67288edb841c6125d48c608a242",
        "lessThan": "f86ff88a1548ccf5a13960c0e7625ca787ea0993",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "eda2e30c6684d67288edb841c6125d48c608a242",
        "lessThan": "ebea2e16504f40d2c2bac42ad5c5a3de5ce034b4",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "eda2e30c6684d67288edb841c6125d48c608a242",
        "lessThan": "eab28bfafcd1245a3510df9aa9eb940589956ea6",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "eda2e30c6684d67288edb841c6125d48c608a242",
        "lessThan": "a0d8644784f73fa39f57f72f374eefaba2bf48a0",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "eda2e30c6684d67288edb841c6125d48c608a242",
        "lessThan": "b20cf3f89c56b5f6a38b7f76a8128bf9f291bbd3",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/platform/chrome/cros_ec_chardev.c"
    ],
    "versions": [
      {
        "version": "5.4",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "5.4",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "5.4.240",
        "lessThanOrEqual": "5.4.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "5.10.177",
        "lessThanOrEqual": "5.10.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "5.15.105",
        "lessThanOrEqual": "5.15.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.1.22",
        "lessThanOrEqual": "6.1.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.2.9",
        "lessThanOrEqual": "6.2.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.3",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Source	Link
git	www.git.kernel.org/stable/c/a0d8644784f73fa39f57f72f374eefaba2bf48a0
git	www.git.kernel.org/stable/c/13493ad6a220cb3f6f3552a16b4f2753a118b633
git	www.git.kernel.org/stable/c/eab28bfafcd1245a3510df9aa9eb940589956ea6
git	www.git.kernel.org/stable/c/ebea2e16504f40d2c2bac42ad5c5a3de5ce034b4
git	www.git.kernel.org/stable/c/b20cf3f89c56b5f6a38b7f76a8128bf9f291bbd3
git	www.git.kernel.org/stable/c/f86ff88a1548ccf5a13960c0e7625ca787ea0993

Parameter	Position	Path	Description	CWE
insize	header	linux/v6.2/source/include/linux/platform_data/cros_ec_proto.h#L74	Kernel data leak via ioctl when using cros_ec_chardev: supplying a larger insize in cros_ec_command leaks kernel page data.	CWE-200

11 May 2026 19:37Current

6.4Medium risk

Vulners AI Score6.4

CVSS 3.17.1

EPSS0.00064