[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2023-53147":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T08:53:30.047Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":20,"aliases":21,"duplicate_of":9,"upstream":22,"downstream":23,"duplicates":68,"related":69,"reserved_at":9,"published_at":88,"modified_at":89,"state":90,"summary":91,"references_raw":100,"kevs":135,"epss":136,"epss_history":139,"metrics":410,"affected":416},"CVE-2023-53147","In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: add NULL check in xfrm_update_ae_params\n\nNormally, x->replay_esn and x->preplay_esn should be allocated at\nxfrm_alloc_replay_state_esn(...) in xfrm_state_construct(...), hence the\nxfrm_update_ae_params(...) is okay to update them. However, the current\nimplementation of xfrm_new_ae(...) allows a malicious user to directly\ndereference a NULL pointer and crash the kernel like below.\n\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nPGD 8253067 P4D 8253067 PUD 8e0e067 PMD 0\nOops: 0002 [#1] PREEMPT SMP KASAN NOPTI\nCPU: 0 PID: 98 Comm: poc.npd Not tainted 6.4.0-rc7-00072-gdad9774deaf1 #8\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.o4\nRIP: 0010:memcpy_orig+0xad/0x140\nCode: e8 4c 89 5f e0 48 8d 7f e0 73 d2 83 c2 20 48 29 d6 48 29 d7 83 fa 10 72 34 4c 8b 06 4c 8b 4e 08 c\nRSP: 0018:ffff888008f57658 EFLAGS: 00000202\nRAX: 0000000000000000 RBX: ffff888008bd0000 RCX: ffffffff8238e571\nRDX: 0000000000000018 RSI: ffff888007f64844 RDI: 0000000000000000\nRBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000000 R12: ffff888008f57818\nR13: ffff888007f64aa4 R14: 0000000000000000 R15: 0000000000000000\nFS:  00000000014013c0(0000) GS:ffff88806d600000(0000) knlGS:0000000000000000\nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000000 CR3: 00000000054d8000 CR4: 00000000000006f0\nCall Trace:\n \u003CTASK>\n ? __die+0x1f/0x70\n ? page_fault_oops+0x1e8/0x500\n ? __pfx_is_prefetch.constprop.0+0x10/0x10\n ? __pfx_page_fault_oops+0x10/0x10\n ? _raw_spin_unlock_irqrestore+0x11/0x40\n ? fixup_exception+0x36/0x460\n ? _raw_spin_unlock_irqrestore+0x11/0x40\n ? exc_page_fault+0x5e/0xc0\n ? asm_exc_page_fault+0x26/0x30\n ? xfrm_update_ae_params+0xd1/0x260\n ? memcpy_orig+0xad/0x140\n ? __pfx__raw_spin_lock_bh+0x10/0x10\n xfrm_update_ae_params+0xe7/0x260\n xfrm_new_ae+0x298/0x4e0\n ? __pfx_xfrm_new_ae+0x10/0x10\n ? __pfx_xfrm_new_ae+0x10/0x10\n xfrm_user_rcv_msg+0x25a/0x410\n ? __pfx_xfrm_user_rcv_msg+0x10/0x10\n ? __alloc_skb+0xcf/0x210\n ? stack_trace_save+0x90/0xd0\n ? filter_irq_stacks+0x1c/0x70\n ? __stack_depot_save+0x39/0x4e0\n ? __kasan_slab_free+0x10a/0x190\n ? kmem_cache_free+0x9c/0x340\n ? netlink_recvmsg+0x23c/0x660\n ? sock_recvmsg+0xeb/0xf0\n ? __sys_recvfrom+0x13c/0x1f0\n ? __x64_sys_recvfrom+0x71/0x90\n ? do_syscall_64+0x3f/0x90\n ? entry_SYSCALL_64_after_hwframe+0x72/0xdc\n ? copyout+0x3e/0x50\n netlink_rcv_skb+0xd6/0x210\n ? __pfx_xfrm_user_rcv_msg+0x10/0x10\n ? __pfx_netlink_rcv_skb+0x10/0x10\n ? __pfx_sock_has_perm+0x10/0x10\n ? mutex_lock+0x8d/0xe0\n ? __pfx_mutex_lock+0x10/0x10\n xfrm_netlink_rcv+0x44/0x50\n netlink_unicast+0x36f/0x4c0\n ? __pfx_netlink_unicast+0x10/0x10\n ? netlink_recvmsg+0x500/0x660\n netlink_sendmsg+0x3b7/0x700\n\nThis Null-ptr-deref bug is assigned CVE-2023-3772. And this commit\nadds additional NULL check in xfrm_update_ae_params to fix the NPD.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-476","NULL Pointer Dereference","The product dereferences a pointer that it expects to be valid but is NULL.","weakness","Stable","Base","Medium",[],[],[],[],[24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66],{"_key":25},"SUSE-SU-2025:03613-1",{"_key":27},"SUSE-SU-2025:03614-1",{"_key":29},"SUSE-SU-2025:03615-1",{"_key":31},"SUSE-SU-2025:03626-1",{"_key":33},"SUSE-SU-2025:03628-1",{"_key":35},"SUSE-SU-2025:3716-1",{"_key":37},"SUSE-SU-2025:3761-1",{"_key":39},"SUSE-SU-2025:4057-1",{"_key":41},"SUSE-SU-2025:4132-1",{"_key":43},"SUSE-SU-2025:4315-1",{"_key":45},"SUSE-SU-2025:3751-1",{"_key":47},"SUSE-SU-2025:20851-1",{"_key":49},"SUSE-SU-2025:20861-1",{"_key":51},"SUSE-SU-2025:20870-1",{"_key":53},"SUSE-SU-2025:20898-1",{"_key":55},"SUSE-SU-2025:4141-1",{"_key":57},"SUSE-SU-2025:03600-1",{"_key":59},"SUSE-SU-2025:03634-1",{"_key":61},"DEBIAN-CVE-2023-53147",{"_key":63},"RHSA-2024:0575",{"_key":65},"RHSA-2023:7077",{"_key":67},"UBUNTU-CVE-2023-53147",[],[70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87],{"_key":25},{"_key":27},{"_key":29},{"_key":31},{"_key":33},{"_key":35},{"_key":37},{"_key":39},{"_key":41},{"_key":43},{"_key":45},{"_key":47},{"_key":49},{"_key":51},{"_key":53},{"_key":55},{"_key":57},{"_key":59},"2025-09-15T14:03:08.937Z","2026-05-11T19:39:21.360Z","Analyzed",{"cisa_kev":92,"cisa_ransomware":92,"cisa_vendor":9,"epss_severity":93,"epss_score":94,"severity":95,"severity_score":96,"severity_version":97,"severity_source":98,"severity_vector":99,"severity_status":90},false,"low",0.00021,"medium",5.5,"v3.1","nvd","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",[101,107,111,115,119,123,127,131],{"url":102,"sources":103,"tags":105},"https://git.kernel.org/stable/c/ed1cba039309c80b49719fcff3e3d7cdddb73d96",[104,98],"cve.org",[106],"Patch",{"url":108,"sources":109,"tags":110},"https://git.kernel.org/stable/c/44f69c96f8a147413c23c68cda4d6fb5e23137cd",[104,98],[106],{"url":112,"sources":113,"tags":114},"https://git.kernel.org/stable/c/8046beb890ebc83c5820188c650073e1c6066e67",[104,98],[106],{"url":116,"sources":117,"tags":118},"https://git.kernel.org/stable/c/bd30aa9c7febb6e709670cd5154194189ca3b7b5",[104,98],[106],{"url":120,"sources":121,"tags":122},"https://git.kernel.org/stable/c/075448a2eb753f813fe873cfa52853e9fef8eedb",[104,98],[106],{"url":124,"sources":125,"tags":126},"https://git.kernel.org/stable/c/87b655f4936b6fc01f3658aa88a22c923b379ebd",[104,98],[106],{"url":128,"sources":129,"tags":130},"https://git.kernel.org/stable/c/53df4be4f5221e90dc7aa9ce745a9a21bb7024f4",[104,98],[106],{"url":132,"sources":133,"tags":134},"https://git.kernel.org/stable/c/00374d9b6d9f932802b55181be9831aa948e5b7c",[104,98],[106],[],{"date":137,"score":94,"percentile":138},"2026-06-03",0.06131,[140,144,147,150,153,156,159,162,165,168,171,174,177,180,183,186,189,192,195,199,202,205,208,212,215,218,221,224,227,230,233,236,239,242,245,248,251,254,257,260,263,266,269,272,275,278,281,284,287,290,293,296,299,302,305,307,309,312,315,318,321,324,327,330,333,336,339,342,345,348,351,354,357,361,364,367,370,373,376,379,382,385,388,391,394,396,399,402,404,407],{"date":141,"score":142,"percentile":143},"2025-11-04",0.00035,0.09398,{"date":145,"score":142,"percentile":146},"2025-11-05",0.09417,{"date":148,"score":142,"percentile":149},"2025-11-06",0.09538,{"date":151,"score":142,"percentile":152},"2025-11-07",0.0956,{"date":154,"score":142,"percentile":155},"2025-11-08",0.09573,{"date":157,"score":142,"percentile":158},"2025-11-09",0.09543,{"date":160,"score":142,"percentile":161},"2025-11-10",0.09501,{"date":163,"score":142,"percentile":164},"2025-11-11",0.09518,{"date":166,"score":142,"percentile":167},"2025-11-12",0.09548,{"date":169,"score":142,"percentile":170},"2025-11-13",0.0959,{"date":172,"score":142,"percentile":173},"2025-11-14",0.09613,{"date":175,"score":142,"percentile":176},"2025-11-15",0.09627,{"date":178,"score":142,"percentile":179},"2025-11-16",0.09632,{"date":181,"score":142,"percentile":182},"2025-11-17",0.09624,{"date":184,"score":142,"percentile":185},"2025-11-18",0.05816,{"date":187,"score":142,"percentile":188},"2025-11-19",0.05834,{"date":190,"score":142,"percentile":191},"2025-11-20",0.0587,{"date":193,"score":142,"percentile":194},"2025-11-21",0.0968,{"date":196,"score":197,"percentile":198},"2025-11-22",0.00036,0.10375,{"date":200,"score":197,"percentile":201},"2025-11-23",0.10335,{"date":203,"score":197,"percentile":204},"2025-11-24",0.10302,{"date":206,"score":197,"percentile":207},"2025-11-25",0.10304,{"date":209,"score":210,"percentile":211},"2025-11-26",0.00018,0.0335,{"date":213,"score":210,"percentile":214},"2025-11-27",0.03364,{"date":216,"score":210,"percentile":217},"2025-11-28",0.03365,{"date":219,"score":210,"percentile":220},"2025-11-29",0.0341,{"date":222,"score":210,"percentile":223},"2025-11-30",0.03412,{"date":225,"score":210,"percentile":226},"2025-12-01",0.03506,{"date":228,"score":210,"percentile":229},"2025-12-02",0.03517,{"date":231,"score":210,"percentile":232},"2025-12-03",0.03528,{"date":234,"score":210,"percentile":235},"2025-12-04",0.0347,{"date":237,"score":210,"percentile":238},"2025-12-05",0.03515,{"date":240,"score":210,"percentile":241},"2025-12-06",0.0353,{"date":243,"score":210,"percentile":244},"2025-12-07",0.03535,{"date":246,"score":210,"percentile":247},"2025-12-08",0.03532,{"date":249,"score":210,"percentile":250},"2025-12-09",0.03559,{"date":252,"score":210,"percentile":253},"2025-12-10",0.03596,{"date":255,"score":210,"percentile":256},"2025-12-11",0.03586,{"date":258,"score":210,"percentile":259},"2025-12-12",0.03599,{"date":261,"score":210,"percentile":262},"2025-12-13",0.03603,{"date":264,"score":210,"percentile":265},"2025-12-14",0.03602,{"date":267,"score":210,"percentile":268},"2025-12-15",0.03587,{"date":270,"score":210,"percentile":271},"2025-12-16",0.03605,{"date":273,"score":210,"percentile":274},"2025-12-17",0.03628,{"date":276,"score":210,"percentile":277},"2025-12-18",0.03645,{"date":279,"score":210,"percentile":280},"2025-12-19",0.03629,{"date":282,"score":210,"percentile":283},"2025-12-20",0.03626,{"date":285,"score":210,"percentile":286},"2025-12-21",0.03646,{"date":288,"score":210,"percentile":289},"2025-12-22",0.03625,{"date":291,"score":210,"percentile":292},"2025-12-23",0.03636,{"date":294,"score":210,"percentile":295},"2025-12-24",0.03631,{"date":297,"score":210,"percentile":298},"2025-12-25",0.03644,{"date":300,"score":210,"percentile":301},"2025-12-26",0.0364,{"date":303,"score":210,"percentile":304},"2025-12-27",0.03661,{"date":306,"score":210,"percentile":301},"2025-12-28",{"date":308,"score":210,"percentile":280},"2025-12-29",{"date":310,"score":210,"percentile":311},"2025-12-30",0.03612,{"date":313,"score":210,"percentile":314},"2025-12-31",0.03607,{"date":316,"score":210,"percentile":317},"2026-01-01",0.03694,{"date":319,"score":210,"percentile":320},"2026-01-02",0.03686,{"date":322,"score":210,"percentile":323},"2026-01-03",0.03679,{"date":325,"score":210,"percentile":326},"2026-01-04",0.03568,{"date":328,"score":210,"percentile":329},"2026-01-05",0.03554,{"date":331,"score":210,"percentile":332},"2026-01-06",0.03545,{"date":334,"score":210,"percentile":335},"2026-01-07",0.03569,{"date":337,"score":210,"percentile":338},"2026-01-08",0.03594,{"date":340,"score":210,"percentile":341},"2026-01-09",0.03611,{"date":343,"score":210,"percentile":344},"2026-01-10",0.03616,{"date":346,"score":210,"percentile":347},"2026-01-11",0.03598,{"date":349,"score":210,"percentile":350},"2026-01-12",0.036,{"date":352,"score":210,"percentile":353},"2026-01-13",0.03595,{"date":355,"score":210,"percentile":356},"2026-01-14",0.03606,{"date":358,"score":359,"percentile":360},"2026-01-15",0.00023,0.0537,{"date":362,"score":359,"percentile":363},"2026-01-16",0.05374,{"date":365,"score":359,"percentile":366},"2026-01-17",0.05382,{"date":368,"score":359,"percentile":369},"2026-01-18",0.05373,{"date":371,"score":359,"percentile":372},"2026-01-19",0.05331,{"date":374,"score":359,"percentile":375},"2026-01-20",0.05288,{"date":377,"score":359,"percentile":378},"2026-01-21",0.05286,{"date":380,"score":359,"percentile":381},"2026-01-22",0.05267,{"date":383,"score":359,"percentile":384},"2026-01-23",0.05324,{"date":386,"score":359,"percentile":387},"2026-01-24",0.05367,{"date":389,"score":359,"percentile":390},"2026-01-25",0.05314,{"date":392,"score":359,"percentile":393},"2026-01-26",0.05289,{"date":395,"score":359,"percentile":381},"2026-01-27",{"date":397,"score":359,"percentile":398},"2026-01-28",0.05252,{"date":400,"score":359,"percentile":401},"2026-01-29",0.05264,{"date":403,"score":359,"percentile":381},"2026-01-30",{"date":405,"score":359,"percentile":406},"2026-01-31",0.05259,{"date":408,"score":359,"percentile":409},"2026-02-01",0.05341,[411],{"source":98,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":412,"cvss_v4_0":9},{"baseScore":96,"baseSeverity":413,"vectorString":99,"impactScore":414,"exploitabilityScore":415},"MEDIUM",6,4.6,[417,452],{"ecosystem":9,"name":418,"vendor":419,"product":419,"cpe_part":420,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":421},"Linux","linux","a",[422,429,432,435,438,441,444,447,450],{"version":423,"is_range":424,"range_type":104,"version_start":425,"version_start_type":426,"version_end":427,"version_end_type":428,"fixed_in":9},">= d8647b79c3b7e223ac051439d165bc8e7bbb832f, \u003C ed1cba039309c80b49719fcff3e3d7cdddb73d96",true,"d8647b79c3b7e223ac051439d165bc8e7bbb832f","including","ed1cba039309c80b49719fcff3e3d7cdddb73d96","excluding",{"version":430,"is_range":424,"range_type":104,"version_start":425,"version_start_type":426,"version_end":431,"version_end_type":428,"fixed_in":9},">= d8647b79c3b7e223ac051439d165bc8e7bbb832f, \u003C 44f69c96f8a147413c23c68cda4d6fb5e23137cd","44f69c96f8a147413c23c68cda4d6fb5e23137cd",{"version":433,"is_range":424,"range_type":104,"version_start":425,"version_start_type":426,"version_end":434,"version_end_type":428,"fixed_in":9},">= d8647b79c3b7e223ac051439d165bc8e7bbb832f, \u003C 8046beb890ebc83c5820188c650073e1c6066e67","8046beb890ebc83c5820188c650073e1c6066e67",{"version":436,"is_range":424,"range_type":104,"version_start":425,"version_start_type":426,"version_end":437,"version_end_type":428,"fixed_in":9},">= d8647b79c3b7e223ac051439d165bc8e7bbb832f, \u003C bd30aa9c7febb6e709670cd5154194189ca3b7b5","bd30aa9c7febb6e709670cd5154194189ca3b7b5",{"version":439,"is_range":424,"range_type":104,"version_start":425,"version_start_type":426,"version_end":440,"version_end_type":428,"fixed_in":9},">= d8647b79c3b7e223ac051439d165bc8e7bbb832f, \u003C 075448a2eb753f813fe873cfa52853e9fef8eedb","075448a2eb753f813fe873cfa52853e9fef8eedb",{"version":442,"is_range":424,"range_type":104,"version_start":425,"version_start_type":426,"version_end":443,"version_end_type":428,"fixed_in":9},">= d8647b79c3b7e223ac051439d165bc8e7bbb832f, \u003C 87b655f4936b6fc01f3658aa88a22c923b379ebd","87b655f4936b6fc01f3658aa88a22c923b379ebd",{"version":445,"is_range":424,"range_type":104,"version_start":425,"version_start_type":426,"version_end":446,"version_end_type":428,"fixed_in":9},">= d8647b79c3b7e223ac051439d165bc8e7bbb832f, \u003C 53df4be4f5221e90dc7aa9ce745a9a21bb7024f4","53df4be4f5221e90dc7aa9ce745a9a21bb7024f4",{"version":448,"is_range":424,"range_type":104,"version_start":425,"version_start_type":426,"version_end":449,"version_end_type":428,"fixed_in":9},">= d8647b79c3b7e223ac051439d165bc8e7bbb832f, \u003C 00374d9b6d9f932802b55181be9831aa948e5b7c","00374d9b6d9f932802b55181be9831aa948e5b7c",{"version":451,"is_range":92,"range_type":104,"version_start":451,"version_start_type":426,"version_end":451,"version_end_type":426,"fixed_in":9},"2.6.39",{"ecosystem":9,"name":453,"vendor":419,"product":454,"cpe_part":455,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":456},"linux kernel","linux_kernel","o",[457,461,465,469,473,477,481,485,487,489,491,493,495],{"version":458,"is_range":424,"range_type":459,"version_start":451,"version_start_type":426,"version_end":460,"version_end_type":428,"fixed_in":9},"gte2.6.39_lt4.14.324","cpe","4.14.324",{"version":462,"is_range":424,"range_type":459,"version_start":463,"version_start_type":426,"version_end":464,"version_end_type":428,"fixed_in":9},"gte4.15_lt4.19.293","4.15","4.19.293",{"version":466,"is_range":424,"range_type":459,"version_start":467,"version_start_type":426,"version_end":468,"version_end_type":428,"fixed_in":9},"gte4.20_lt5.4.255","4.20","5.4.255",{"version":470,"is_range":424,"range_type":459,"version_start":471,"version_start_type":426,"version_end":472,"version_end_type":428,"fixed_in":9},"gte5.5_lt5.10.192","5.5","5.10.192",{"version":474,"is_range":424,"range_type":459,"version_start":475,"version_start_type":426,"version_end":476,"version_end_type":428,"fixed_in":9},"gte5.11_lt5.15.128","5.11","5.15.128",{"version":478,"is_range":424,"range_type":459,"version_start":479,"version_start_type":426,"version_end":480,"version_end_type":428,"fixed_in":9},"gte5.16_lt6.1.47","5.16","6.1.47",{"version":482,"is_range":424,"range_type":459,"version_start":483,"version_start_type":426,"version_end":484,"version_end_type":428,"fixed_in":9},"gte6.2_lt6.4.12","6.2","6.4.12",{"version":486,"is_range":92,"range_type":459,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.5:rc1",{"version":488,"is_range":92,"range_type":459,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.5:rc2",{"version":490,"is_range":92,"range_type":459,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.5:rc3",{"version":492,"is_range":92,"range_type":459,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.5:rc4",{"version":494,"is_range":92,"range_type":459,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.5:rc5",{"version":496,"is_range":92,"range_type":459,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.5:rc6"]