What is CVE-2023-53048?

CVE-2023-53048 is a Medium severity Linux kernel vulnerability with a CVSS score of 5.5 out of 10, affecting Linux kernel versions from 5.13 onward and patched in 5.15.105, 6.1.22, 6.2.9 and others. CVE-2023-53048 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

What is the CVSS score for CVE-2023-53048?

CVE-2023-53048 has a CVSS score of 5.5 out of 10, rated Medium severity. The vector string is CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H.

Is there a patch available for CVE-2023-53048?

Yes, CVE-2023-53048 has been patched. Fixed versions include 5.15.105, 6.1.22, 6.2.9 and others. If you are running Linux kernel 5.13 or later up to the fix versions, apply the relevant patch for your kernel branch.

Is CVE-2023-53048 actively exploited?

CVE-2023-53048 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

CVE-2023-53048

Medium

In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: fix warning when handle discover_identity message Since both source and sink device can send discover_identity message in PD3, kernel may dump below warning: ------------[ cut here ]------------ WARNING: CPU: 0 PID: 169 at drivers/usb/typec/tcpm/tcpm.c:1446 tcpm_queue_vdm+0xe0/0xf0 Modules linked in: CPU: 0 PID: 169 Comm: 1-0050 Not tainted 6.1.1-00038-g6a3c36cf1da2-dirty #567 Hardware name: NXP i.MX8MPlus EVK board (DT) pstate: 20000005 (nzCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : tcpm_queue_vdm+0xe0/0xf0 lr : tcpm_queue_vdm+0x2c/0xf0 sp : ffff80000c19bcd0 x29: ffff80000c19bcd0 x28: 0000000000000001 x27: ffff0000d11c8ab8 x26: ffff0000d11cc000 x25: 0000000000000000 x24: 00000000ff008081 x23: 0000000000000001 x22: 00000000ff00a081 x21: ffff80000c19bdbc x20: 0000000000000000 x19: ffff0000d11c8080 x18: ffffffffffffffff x17: 0000000000000000 x16: 0000000000000000 x15: ffff0000d716f580 x14: 0000000000000001 x13: ffff0000d716f507 x12: 0000000000000001 x11: 0000000000000000 x10: 0000000000000020 x9 : 00000000000ee098 x8 : 00000000ffffffff x7 : 000000000000001c x6 : ffff0000d716f580 x5 : 0000000000000000 x4 : 0000000000000000 x3 : 0000000000000000 x2 : ffff80000c19bdbc x1 : 00000000ff00a081 x0 : 0000000000000004 Call trace: tcpm_queue_vdm+0xe0/0xf0 tcpm_pd_rx_handler+0x340/0x1ab0 kthread_worker_fn+0xcc/0x18c kthread+0x10c/0x110 ret_from_fork+0x10/0x20 ---[ end trace 0000000000000000 ]--- Below sequences may trigger this warning: tcpm_send_discover_work(work) tcpm_send_vdm(port, USB_SID_PD, CMD_DISCOVER_IDENT, NULL, 0); tcpm_queue_vdm(port, header, data, count); port->vdm_state = VDM_STATE_READY; vdm_state_machine_work(work); <-- received discover_identity from partner vdm_run_state_machine(port); port->vdm_state = VDM_STATE_SEND_MESSAGE; mod_vdm_delayed_work(port, x); tcpm_pd_rx_handler(work); tcpm_pd_data_request(port, msg); tcpm_handle_vdm_request(port, msg->payload, cnt); tcpm_queue_vdm(port, response[0], &response[1], rlen - 1); --> WARN_ON(port->vdm_state > VDM_STATE_DONE); For this case, the state machine could still send out discover identity message later if we skip current discover_identity message. So we should handle the received message firstly and override the pending discover_identity message without warning in this case. Then, a delayed send_discover work will send discover_identity message again.

Package Linux Kernel

Published 2025-05-02

Last modified 2025-11-12

CVSS version 3.1

Patch available

Yes

CVSS 3.1 score

5.5

out of 10

Medium

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

None

Availability

High

Vector string

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected versions

Linux kernel versions 5.13 and later are affected. Fixed in 5.15.105, 6.1.22, 6.2.9, 6.3 and their respective stable series.

Affected from

≥ 5.13

Fixed in

✓ 5.15.105 5.15.x ✓ 6.1.22 6.1.x ✓ 6.2.9 6.2.x ✓ 6.3

References

The following references provide additional information about CVE-2023-53048 including vendor advisories, patch commits, exploit details, and third-party analysis. Links are sourced from the NIST NVD database.

Kernel patch commit
https://git.kernel.org/stable/c/abfc4fa28f0160df61c7149567da4f6494dfb488
Patch
Kernel patch commit
https://git.kernel.org/stable/c/bb579b3f75c60bf488a7c36e092e8be583407d53
Patch
Kernel patch commit
https://git.kernel.org/stable/c/d55ca2d2ea1a7ec553213986993fba8c0257381c
Patch

4 patch commits total View all on NVD

Details

CVE ID CVE-2023-53048

Severity Medium

CVSS score 5.5 / 10

CVSS version 3.1

Published 2025-05-02

Modified 2025-11-12

KEV No

Patch

Yes

Package linux

Frequently asked questions

What is CVE-2023-53048?

CVE-2023-53048 is a Medium severity Linux kernel vulnerability with a CVSS score of 5.5 out of 10 . It affects Linux kernel versions from 5.13 onward and has been patched in 5.15.105, 6.1.22, 6.2.9 and others. CVE-2023-53048 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.
What is the CVSS score for CVE-2023-53048?

CVE-2023-53048 has a CVSS score of 5.5 out of 10, rated Medium severity (CVSS 3.1). The vector string is CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H.
Is there a patch available for CVE-2023-53048?

Yes — CVE-2023-53048 has been patched. Fixed versions include 5.15.105, 6.1.22, 6.2.9 and others. If you are running Linux kernel 5.13 or later up to the fix versions, apply the relevant patch for your kernel branch.
Is CVE-2023-53048 actively exploited?

No — CVE-2023-53048 has not been confirmed as actively exploited. It is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.