U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. Vulnerabilities

CVE-2023-53220 Detail

Description

In the Linux kernel, the following vulnerability has been resolved: media: az6007: Fix null-ptr-deref in az6007_i2c_xfer() In az6007_i2c_xfer, msg is controlled by user. When msg[i].buf is null and msg[i].len is zero, former checks on msg[i].buf would be passed. Malicious data finally reach az6007_i2c_xfer. If accessing msg[i].buf[0] without sanity check, null ptr deref would happen. We add check on msg[i].len to prevent crash. Similar commit: commit 0ed554fd769a ("media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()")


Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.
CVSS 4.0 Severity and Vector Strings:

NIST CVSS score
NIST: NVD
N/A
NVD assessment not yet provided.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

URL Source(s) Tag(s)
https://git.kernel.org/stable/c/1047f9343011f2cedc73c64829686206a7e9fc3f kernel.org
https://git.kernel.org/stable/c/5b1ea100ad3695025969dc4693f307877fb688d6 kernel.org
https://git.kernel.org/stable/c/6ab7ea4e17d6a605d05308adf8f3408924770cba kernel.org
https://git.kernel.org/stable/c/991c77fe18c6f374bbf83376f8c42550aa565662 kernel.org
https://git.kernel.org/stable/c/a1110f19d4940e4185251d072cbb0ff51486a1e7 kernel.org
https://git.kernel.org/stable/c/a9def3e9718a4dc756f48db147d42ec41a966240 kernel.org
https://git.kernel.org/stable/c/adcb73f8ce9aec48b1f85223f401c1574015d8d2 kernel.org
https://git.kernel.org/stable/c/c6763fefa267f6e62595a6ac1f57815d99fc90b7 kernel.org

Weakness Enumeration

CWE-ID CWE Name Source

Change History

1 change records found show changes

Quick Info

CVE Dictionary Entry:
CVE-2023-53220
NVD Published Date:
09/15/2025
NVD Last Modified:
09/15/2025
Source:
kernel.org