CVE-2023-53648 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved: ALSA: ac97: Fix possible NULL dereference in snd_ac97_mixer smatch error: sound/pci/ac97/ac97_codec.c:2354 snd_ac97_mixer() error: we previously assumed 'rac97' could be null (see line 2072) remove redundant assignment, return error if rac97 is NULL.

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

References

Link	Providers
https://git.kernel.org/stable/c/09baf460dfba79ee6a0c72e68ccdbbba84d894df
https://git.kernel.org/stable/c/228da1fa124470606ac19783e551f9d51a1e01b0
https://git.kernel.org/stable/c/300e26e3e64880de5013eac8831cf44387ef752c
https://git.kernel.org/stable/c/5f13d67027fa782096e6aee0db5dce61c4aeb613
https://git.kernel.org/stable/c/79597c8bf64ca99eab385115743131d260339da5
https://git.kernel.org/stable/c/809af7bb4219bdeef0dbb8b2ed700d6516d13fe9
https://git.kernel.org/stable/c/d28b83252e150155b8b8c65b612c555e93c8b45f
https://git.kernel.org/stable/c/e4cccff1e7ab6ea30995b6fbbb007d02647e025c
https://git.kernel.org/stable/c/f923a582217b198b557756809ffe42ac0fad6adb
https://lore.kernel.org/linux-cve-announce/2025100718-CVE-2023-53648-3c04@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2023-53648
https://www.cve.org/CVERecord?id=CVE-2023-53648

History

Wed, 08 Oct 2025 13:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Linux Linux linux Kernel
Vendors & Products		Linux Linux linux Kernel

Wed, 08 Oct 2025 00:15:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2025100718-CVE-2023-53648-3c04@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2023-53648 https://www.cve.org/CVERecord?id=CVE-2023-53648
Metrics	threat_severity `None`	cvssV3_1 `{'score': 7.0, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H'}` threat_severity `Low`

Tue, 07 Oct 2025 15:30:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: ALSA: ac97: Fix possible NULL dereference in snd_ac97_mixer smatch error: sound/pci/ac97/ac97_codec.c:2354 snd_ac97_mixer() error: we previously assumed 'rac97' could be null (see line 2072) remove redundant assignment, return error if rac97 is NULL.
Title		ALSA: ac97: Fix possible NULL dereference in snd_ac97_mixer
References		https://git.kernel.org/stable/c/09baf460dfba79ee6a0c72e68ccdbbba84d894df https://git.kernel.org/stable/c/228da1fa124470606ac19783e551f9d51a1e01b0 https://git.kernel.org/stable/c/300e26e3e64880de5013eac8831cf44387ef752c https://git.kernel.org/stable/c/5f13d67027fa782096e6aee0db5dce61c4aeb613 https://git.kernel.org/stable/c/79597c8bf64ca99eab385115743131d260339da5 https://git.kernel.org/stable/c/809af7bb4219bdeef0dbb8b2ed700d6516d13fe9 https://git.kernel.org/stable/c/d28b83252e150155b8b8c65b612c555e93c8b45f https://git.kernel.org/stable/c/e4cccff1e7ab6ea30995b6fbbb007d02647e025c https://git.kernel.org/stable/c/f923a582217b198b557756809ffe42ac0fad6adb

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-10-07T15:19:45.780Z

Updated: 2025-10-07T15:19:45.780Z

Reserved: 2025-10-07T15:16:59.659Z

Link: CVE-2023-53648

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2025-10-07T16:15:48.257

Modified: 2025-10-08T19:38:09.863

Link: CVE-2023-53648

Redhat

Severity : Low

Publid Date: 2025-10-07T00:00:00Z

Links: CVE-2023-53648 - Bugzilla

Metrics

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object