What is the CVSS score of CVE-2023-53565?

CVE-2023-53565 has a CVSS 3.1 base score of 5.5 (Medium). CVSS vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H. EPSS exploitation probability: 0.0%.

Which versions of Linux Kernel are affected by CVE-2023-53565?

CVE-2023-53565 presents moderate security risk, a null pointer dereference vulnerability rated CVSS 5.5. Exploitation could compromise the security of affected deployments.. A patch is available.

How to fix or mitigate CVE-2023-53565?

Within 30 days: Identify affected systems and apply vendor patches as part of regular patch cycle. Vendor patch is available.

Linux Kernel CVE-2023-53565

EUVD-2025-32316 MEDIUM

NULL Pointer Dereference (CWE-476)

2025-10-04 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Denial Of Service Linux Null Pointer Dereference Red Hat Dell Linux Kernel Suse

5.5

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Lifecycle Timeline

Patch released

Mar 21, 2026 - 00:43 nvd

Patch available

EUVD ID Assigned

Mar 13, 2026 - 19:56 euvd

EUVD-2025-32316

Analysis Generated

Mar 13, 2026 - 19:56 vuln.today

CVE Published

Oct 04, 2025 - 16:15 nvd

MEDIUM 5.5

DescriptionNVD

In the Linux kernel, the following vulnerability has been resolved:

wifi: brcmfmac: Check for probe() id argument being NULL

The probe() id argument may be NULL in 2 scenarios:

brcmf_pcie_pm_leave_D3() calling brcmf_pcie_probe() to reprobe

the device.

If a user tries to manually bind the driver from sysfs then the sdio /

pcie / usb probe() function gets called with NULL as id argument.

Is being hit by users causing the following oops on resume and causing

wifi to stop working:

BUG: kernel NULL pointer dereference, address: 0000000000000018 <snip> Hardware name: Dell Inc. XPS 13 9350/0PWNCR, BIDS 1.13.0 02/10/2020 Workgueue: events_unbound async_run_entry_fn RIP: 0010:brcmf_pcie_probe+Ox16b/0x7a0 [brcmfmac] <snip> Call Trace: <TASK> brcmf_pcie_pm_leave_D3+0xc5/8x1a0 [brcmfmac be3b4cefca451e190fa35be8f00db1bbec293887] ? pci_pm_resume+0x5b/0xf0 ? pci_legacy_resume+0x80/0x80 dpm_run_callback+0x47/0x150 device_resume+0xa2/0x1f0 async_resume+0x1d/0x30 <snip>

Fix this by checking for id being NULL.

In the PCI and USB cases try a manual lookup of the id so that manually binding the driver through sysfs and more importantly brcmf_pcie_probe() on resume will work.

For the SDIO case there is no helper to do a manual sdio_device_id lookup, so just directly error out on a NULL id there.

AnalysisAI

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Check for probe() id argument being NULL The probe() id argument may be NULL in 2 scenarios: 1. brcmf_pcie_pm_leave_D3() calling brcmf_pcie_probe() to reprobe ...

Technical ContextAI

A NULL pointer dereference occurs when the application attempts to use a pointer that has not been initialized or has been set to NULL.

RemediationAI

A vendor patch is available — apply it immediately. Add NULL checks before pointer dereference operations. Use static analysis to identify potential NULL pointer issues. Enable compiler warnings.