CVE-2023-53165
MEDIUM
Linux Kernel 4.6-4.14.323 - Uninitialized Memory Read in UDF Charset Conversion
Title source: llm
Description
In the Linux kernel, the following vulnerability has been resolved:

udf: Fix uninitialized array access for some pathnames

For filenames that begin with . and are between 2 and 5 characters long, UDF charset conversion code would read uninitialized memory in the output buffer. The only practical impact is that the name may be prepended with a "unification hash" when it is not actually needed, but still it is good to fix this.
Scores
CVSS v3: 5.5
EPSS: 0.0015
EPSS Percentile: 4.3%
Attack Vector: LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Details
CWE: CWE-908
Status: published
Products (19)
Linux/Linux: < 4.6
Linux/Linux: 4.14.324 - 4.14.*
Linux/Linux: 4.19.293 - 4.19.*
Linux/Linux: 4.6
Published: Sep 15, 2025
Tracked Since: Feb 18, 2026