{
  "threat_severity" : "Low",
  "public_date" : "2025-10-04T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: HID: hyperv: avoid struct memcpy overrun warning",
    "id" : "2401552",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2401552"
  },
  "cvss3" : {
    "cvss3_base_score" : "5.5",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
    "status" : "verified"
  },
  "cwe" : "CWE-787",
  "details" : [ "In the Linux kernel, the following vulnerability has been resolved:\nHID: hyperv: avoid struct memcpy overrun warning\nA previous patch addressed the fortified memcpy warning for most\nbuilds, but I still see this one with gcc-9:\nIn file included from include/linux/string.h:254,\nfrom drivers/hid/hid-hyperv.c:8:\nIn function 'fortify_memcpy_chk',\ninlined from 'mousevsc_on_receive' at drivers/hid/hid-hyperv.c:272:3:\ninclude/linux/fortify-string.h:583:4: error: call to '__write_overflow_field' declared with attribute warning: detected write beyond size of field (1st parameter); maybe use struct_group()? [-Werror=attribute-warning]\n583 |    __write_overflow_field(p_size_field, size);\n|    ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\nMy guess is that the WARN_ON() itself is what confuses gcc, so it no\nlonger sees that there is a correct range check. Rework the code in a\nway that helps readability and avoids the warning.", "A compiler warning issue was found in the Linux kernel's Hyper-V HID driver that could lead to potential memory safety issues. A local user can trigger this issue when the fortified memcpy implementation detects potential buffer overflows in the mousevsc_on_receive function, where the compiler cannot verify that memory copy operations stay within bounds. This could potentially result in memory corruption and denial of service." ],
  "statement" : "The Hyper-V HID driver's mousevsc_on_receive function performs memcpy operations on packet data received from the Hyper-V host. The fortified string functions (enabled with CONFIG_FORTIFY_SOURCE) perform compile-time checks to detect potential buffer overflows. With certain compiler versions (specifically GCC 9), the fortification checks trigger warnings about potential writes beyond field boundaries. While the code includes proper range checks via WARN_ON, the compiler's data flow analysis is confused by the assertion and cannot verify the bounds are correct. This creates a situation where either the range check is insufficient (potential buffer overflow) or the compiler analysis is overly conservative (false positive). The code was reworked to satisfy the compiler while maintaining safety. The issue affects Hyper-V Linux guests.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2023-11-14T00:00:00Z",
    "advisory" : "RHSA-2023:7077",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8",
    "package" : "kernel-0:4.18.0-513.5.1.el8_9"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2023-11-07T00:00:00Z",
    "advisory" : "RHSA-2023:6583",
    "cpe" : "cpe:/a:redhat:enterprise_linux:9",
    "package" : "kernel-0:5.14.0-362.8.1.el9_3"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2024-04-30T00:00:00Z",
    "advisory" : "RHSA-2024:2394",
    "cpe" : "cpe:/a:redhat:enterprise_linux:9",
    "package" : "kernel-0:5.14.0-427.13.1.el9_4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2023-11-07T00:00:00Z",
    "advisory" : "RHSA-2023:6583",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9",
    "package" : "kernel-0:5.14.0-362.8.1.el9_3"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2024-04-30T00:00:00Z",
    "advisory" : "RHSA-2024:2394",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9",
    "package" : "kernel-0:5.14.0-427.13.1.el9_4"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 10",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Out of support scope",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Fix deferred",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Fix deferred",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2023-53553\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-53553\nhttps://lore.kernel.org/linux-cve-announce/2025100448-CVE-2023-53553-f661@gregkh/T" ],
  "name" : "CVE-2023-53553",
  "mitigation" : {
    "value" : "To mitigate this issue, prevent the hv_hid module from being loaded. See https://access.redhat.com/solutions/41278 for instructions on blacklisting kernel modules.",
    "lang" : "en:us"
  },
  "csaw" : false
}