In the Linux kernel, the following vulnerability has been resolved:
HID: hyperv: avoid struct memcpy overrun warning
A previous patch addressed the fortified memcpy warning for most builds, but I still see this one with gcc-9:

In file included from include/linux/string.h:254,
                 from drivers/hid/hid-hyperv.c:8:
In function 'fortify_memcpy_chk',
    inlined from 'mousevsc_on_receive' at drivers/hid/hid-hyperv.c:272:3:
include/linux/fortify-string.h:583:4: error: call to '__write_overflow_field' declared with attribute warning: detected write beyond size of field (1st parameter); maybe use struct_group()? [-Werror=attribute-warning]
  583 |    __write_overflow_field(p_size_field, size);
      |    ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

My guess is that the WARN_ON() itself is what confuses gcc, so it no longer sees that there is a correct range check. Rework the code in a way that helps readability and avoids the warning.
{
"cna_assigner": "Linux",
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53553.json"
}
[
{
"digest": {
"length": 1195.0,
"function_hash": "173317789228893868616195626462837707368"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a7902cc5f5b9c95997017c8e309da760fb1deb6e",
"deprecated": false,
"id": "CVE-2023-53553-0a9ac672",
"signature_type": "Function",
"target": {
"function": "mousevsc_on_receive",
"file": "drivers/hid/hid-hyperv.c"
},
"signature_version": "v1"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
]
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a7902cc5f5b9c95997017c8e309da760fb1deb6e",
"deprecated": false,
"id": "CVE-2023-53553-1064bac1",
"signature_type": "Line",
"target": {
"file": "drivers/hid/hid-hyperv.c"
},
"signature_version": "v1"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
]
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5f151364b1da6bd217632fd4ee8cc24eaf66a497",
"deprecated": false,
"id": "CVE-2023-53553-505030bf",
"signature_type": "Line",
"target": {
"file": "drivers/hid/hid-hyperv.c"
},
"signature_version": "v1"
},
{
"digest": {
"length": 1195.0,
"function_hash": "173317789228893868616195626462837707368"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5f151364b1da6bd217632fd4ee8cc24eaf66a497",
"deprecated": false,
"id": "CVE-2023-53553-f4f123d6",
"signature_type": "Function",
"target": {
"function": "mousevsc_on_receive",
"file": "drivers/hid/hid-hyperv.c"
},
"signature_version": "v1"
}
]
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-53553.json"