CVE-2023-53847 Affecting kernel-cross-headers package, versions *
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk IDSNYK-CENTOS9-KERNELCROSSHEADERS-14297215
- published10 Dec 2025
- disclosed9 Dec 2025
Introduced: 9 Dec 2025
NewCVE-2023-53847 (opens in a new tab)How to fix?
There is no fixed version for Centos:9 kernel-cross-headers.
NVD Description
Note: Versions mentioned in the description apply only to the upstream kernel-cross-headers package and not the kernel-cross-headers package as distributed by Centos.
See How to fix? for Centos:9 relevant fixed versions and status.
In the Linux kernel, the following vulnerability has been resolved:
usb-storage: alauda: Fix uninit-value in alauda_check_media()
Syzbot got KMSAN to complain about access to an uninitialized value in the alauda subdriver of usb-storage:
BUG: KMSAN: uninit-value in alauda_transport+0x462/0x57f0 drivers/usb/storage/alauda.c:1137 CPU: 0 PID: 12279 Comm: usb-storage Not tainted 5.3.0-rc7+ #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x191/0x1f0 lib/dump_stack.c:113 kmsan_report+0x13a/0x2b0 mm/kmsan/kmsan_report.c:108 __msan_warning+0x73/0xe0 mm/kmsan/kmsan_instr.c:250 alauda_check_media+0x344/0x3310 drivers/usb/storage/alauda.c:460
The problem is that alauda_check_media() doesn't verify that its USB transfer succeeded before trying to use the received data. What should happen if the transfer fails isn't entirely clear, but a reasonably conservative approach is to pretend that no media is present.
A similar problem exists in a usb_stor_dbg() call in alauda_get_media_status(). In this case, when an error occurs the call is redundant, because usb_stor_ctrl_transfer() already will print a debugging message.
Finally, unrelated to the uninitialized memory access, is the fact that alauda_check_media() performs DMA to a buffer on the stack. Fortunately usb-storage provides a general purpose DMA-able buffer for uses like this. We'll use it instead.
References
- https://access.redhat.com/security/cve/CVE-2023-53847
- https://git.kernel.org/stable/c/044f4446e06bb03c52216697b14867ebc555ad3b
- https://git.kernel.org/stable/c/0d2d5282d39aed6f27dfe1ed60a5f3934ebd21cd
- https://git.kernel.org/stable/c/153c3e85873cc3e2f387169783c3a227bad9a95a
- https://git.kernel.org/stable/c/373e0ab8c4c516561493f1acf367c7ee7dc053c2
- https://git.kernel.org/stable/c/49d380bcd6cba987c6085fae6464c9c087e8d9a0
- https://git.kernel.org/stable/c/7a11d1e2625bdb2346f6586773b20b20977278ac
- https://git.kernel.org/stable/c/a6ff6e7a9dd69364547751db0f626a10a6d628d2
- https://git.kernel.org/stable/c/fe7c3a445d22783d27fe8bd0521a8aab1eb9da65