CVE-2023-7324 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Fix possible addl_desc_ptr out-of-bounds accesses Sanitize possible addl_desc_ptr out-of-bounds accesses in ses_enclosure_data_process().

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00036.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors	Products
Linux	Linux Kernel

References

Link	Providers
https://git.kernel.org/stable/c/27067c672980b497cc34048b69b12820851ac6b9
https://git.kernel.org/stable/c/2ecd344173a5663d523433819da0484cb268b186
https://git.kernel.org/stable/c/384aa697d8f2a28b5e962f5292cdfd2e528b5df7
https://git.kernel.org/stable/c/8e454aba72805241239caf8ba9b8e5a6be772b96
https://git.kernel.org/stable/c/a156a262c543fa5ff30bcb2fc6ad1a95cb4ab57a
https://git.kernel.org/stable/c/af5114d824f3511a69d68beff49ca9a7c32d44e0
https://git.kernel.org/stable/c/b91ef85a32fdba45fcbad87dd526d73d3b6d857d
https://git.kernel.org/stable/c/db95d4df71cb55506425b6e4a5f8d68e3a765b63
https://lore.kernel.org/linux-cve-announce/2025102918-CVE-2023-7324-8dca@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2023-7324
https://www.cve.org/CVERecord?id=CVE-2023-7324

History

Mon, 05 Jan 2026 11:00:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:2.3:o:linux:linux_kernel::::::::

Thu, 30 Oct 2025 14:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Linux Linux linux Kernel
Vendors & Products		Linux Linux linux Kernel

Thu, 30 Oct 2025 00:15:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2025102918-CVE-2023-7324-8dca@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2023-7324 https://www.cve.org/CVERecord?id=CVE-2023-7324
Metrics	threat_severity `None`	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}` threat_severity `Moderate`

Wed, 29 Oct 2025 14:00:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Fix possible addl_desc_ptr out-of-bounds accesses Sanitize possible addl_desc_ptr out-of-bounds accesses in ses_enclosure_data_process().
Title		scsi: ses: Fix possible addl_desc_ptr out-of-bounds accesses
References		https://git.kernel.org/stable/c/27067c672980b497cc34048b69b12820851ac6b9 https://git.kernel.org/stable/c/2ecd344173a5663d523433819da0484cb268b186 https://git.kernel.org/stable/c/384aa697d8f2a28b5e962f5292cdfd2e528b5df7 https://git.kernel.org/stable/c/8e454aba72805241239caf8ba9b8e5a6be772b96 https://git.kernel.org/stable/c/a156a262c543fa5ff30bcb2fc6ad1a95cb4ab57a https://git.kernel.org/stable/c/af5114d824f3511a69d68beff49ca9a7c32d44e0 https://git.kernel.org/stable/c/b91ef85a32fdba45fcbad87dd526d73d3b6d857d https://git.kernel.org/stable/c/db95d4df71cb55506425b6e4a5f8d68e3a765b63

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-10-29T13:46:14.184Z

Updated: 2026-01-05T10:34:08.565Z

Reserved: 2025-10-29T13:44:46.603Z

Link: CVE-2023-7324

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2025-10-29T14:15:49.927

Modified: 2025-10-30T15:03:13.440

Link: CVE-2023-7324

Redhat

Severity : Moderate

Publid Date: 2025-10-29T00:00:00Z

Links: CVE-2023-7324 - Bugzilla

OpenCVE Enrichment

Updated: 2025-10-30T14:38:26Z

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object