CVE-2023-53648
ALSA: ac97: Fix possible NULL dereference in snd_ac97_mixer
Description
In the Linux kernel, the following vulnerability has been resolved: ALSA: ac97: Fix possible NULL dereference in snd_ac97_mixer smatch error: sound/pci/ac97/ac97_codec.c:2354 snd_ac97_mixer() error: we previously assumed 'rac97' could be null (see line 2072) remove redundant assignment, return error if rac97 is NULL.
INFO
Published Date :
Oct. 7, 2025, 4:15 p.m.
Last Modified :
Oct. 8, 2025, 7:38 p.m.
Remotely Exploit :
No
Source :
416baaa9-dc9f-4396-8d5f-8c081fb06d67
Solution
- Remove redundant assignment in snd_ac97_mixer.
- Return an error if rac97 is NULL.
- Apply the patch to the Linux kernel.
References to Advisories, Solutions, and Tools
Here, you will find a curated list of external links that provide in-depth
information, practical solutions, and valuable tools related to
CVE-2023-53648.
CWE - Common Weakness Enumeration
While CVE identifies
specific instances of vulnerabilities, CWE categorizes the common flaws or
weaknesses that can lead to vulnerabilities. CVE-2023-53648 is
associated with the following CWEs:
Common Attack Pattern Enumeration and Classification (CAPEC)
Common Attack Pattern Enumeration and Classification
(CAPEC)
stores attack patterns, which are descriptions of the common attributes and
approaches employed by adversaries to exploit the CVE-2023-53648
weaknesses.
We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).
Results are limited to the first 15 repositories due to potential performance issues.
The following list is the news that have been mention
CVE-2023-53648 vulnerability anywhere in the article.
The following table lists the changes that have been made to the
CVE-2023-53648 vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
-
New CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Oct. 07, 2025
Action Type Old Value New Value Added Description In the Linux kernel, the following vulnerability has been resolved: ALSA: ac97: Fix possible NULL dereference in snd_ac97_mixer smatch error: sound/pci/ac97/ac97_codec.c:2354 snd_ac97_mixer() error: we previously assumed 'rac97' could be null (see line 2072) remove redundant assignment, return error if rac97 is NULL. Added Reference https://git.kernel.org/stable/c/09baf460dfba79ee6a0c72e68ccdbbba84d894df Added Reference https://git.kernel.org/stable/c/228da1fa124470606ac19783e551f9d51a1e01b0 Added Reference https://git.kernel.org/stable/c/300e26e3e64880de5013eac8831cf44387ef752c Added Reference https://git.kernel.org/stable/c/5f13d67027fa782096e6aee0db5dce61c4aeb613 Added Reference https://git.kernel.org/stable/c/79597c8bf64ca99eab385115743131d260339da5 Added Reference https://git.kernel.org/stable/c/809af7bb4219bdeef0dbb8b2ed700d6516d13fe9 Added Reference https://git.kernel.org/stable/c/d28b83252e150155b8b8c65b612c555e93c8b45f Added Reference https://git.kernel.org/stable/c/e4cccff1e7ab6ea30995b6fbbb007d02647e025c Added Reference https://git.kernel.org/stable/c/f923a582217b198b557756809ffe42ac0fad6adb